Methods, systems, and devices for managing medical images and records

ABSTRACT

The disclosure herein provides methods, systems, and devices for managing, transferring, modifying, converting and/or tracking medical files and/or medical system messages. In certain embodiments, the foregoing may generally be based on requesting medical files at a first medical facility, identifying the requested medical files at a second medical facility, initiating a secure network connection between the first and second medical facility, modifying a header portion of the medical files based on patient identification information created by the first medical facility, and other processing steps.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims the benefit of U.S. Provisional Application No. 61/531,453, filed Sep. 6, 2011, and titled METHODS, SYSTEMS, AND DEVICES FOR MANAGING MEDICAL IMAGES AND RECORDS, and relates to U.S. Pat. No. 8,065,166, filed Sep. 12, 2008, and titled METHODS, SYSTEMS, AND DEVICES FOR MANAGING MEDICAL IMAGES AND RECORDS, U.S. Pat. No. 8,090,596, filed Jun. 1, 2011, and titled METHODS, SYSTEMS, AND DEVICES FOR TRANSFERRING MEDICAL FILES FROM A SOURCE FACILITY TO A DESTINATION FACILITY, U.S. Pat. No. 8,099,307, filed Jun. 1, 2011, and titled METHODS, SYSTEMS, AND DEVICES FOR MANAGING MEDICAL FILES, U.S. Pat. No. 8,108,228, filed May 31, 2011, and titled METHODS, SYSTEMS, AND DEVICES FOR TRANSFERRING MEDICAL FILES, U.S. Pat. No. 8,121,870, filed May 31, 2011, and titled METHODS, SYSTEMS, AND DEVICES FOR VERIFYING AND APPROVING GOVERNMENT REQUIRED RELEASE FORMS, U.S. Pat. No. 8,131,569, filed Jun. 1, 2011, and titled METHODS, SYSTEMS, AND DEVICES FOR MODIFYING MEDICAL FILES, U.S. Pat. No. 8,195,483, filed May 31, 2011, and titled METHODS, SYSTEMS, AND DEVICES FOR CONTROLLING A PERMISSION-BASED WORKFLOW PROCESS FOR TRANSFERRING MEDICAL FILES, and U.S. patent application Ser. No. 13/443,792, filed Apr. 10, 2012, and titled METHODS, SYSTEMS, AND DEVICES FOR MANAGING TRANSFER OF MEDICAL FILES which all claim the benefit of U.S. Provisional Application No. 60/983,873 filed Oct. 30, 2007, and titled METHODS, SYSTEMS, AND DEVICES FOR TRANSFERRING MEDICAL IMAGES AND RECORDS. This application also relates to U.S. patent application Ser. No. 13/265,526, filed Apr. 23, 2010, and titled METHODS, SYSTEMS, AND DEVICES FOR MANAGING MEDICAL IMAGES AND RECORDS, which claims the benefit of U.S. Provisional Application No. 61/173,932, filed Apr. 29, 2009, and titled SYSTEM AND APPARATUS FOR MANAGING MEDICAL IMAGES AND RECORDS. Each of the foregoing applications is hereby incorporated herein by reference in its entirety, specifically the systems, methods, and devices for transferring and managing medical images, records, and other related data.

BACKGROUND

1. Field

Embodiments of the invention relate to the field of data management, and, in particular, to methods, systems, and devices for managing medical images and records data.

2. Description of the Related Art

With the development of new technologies, medical images and/or records are increasingly created and stored electronically. For example, medical images are frequently created and stored in digital form versus on hard-copy films. The same is generally true for various medical records. Despite such advancements, hard-copies of medical image and record files are nonetheless physically transferred by courier. Alternatively, medical image and record files are copied onto an electronic storage medium, such as a CDROM, and the storage medium is physically transferred from one medical facility to another.

SUMMARY

Advancements in technology make it possible to electronically transfer medical images, records, and/or medical system messages between and/or among medical professionals, medical facilities, medical systems, and/or healthcare systems using a permission-based on-demand transfer methodology as described herein. In certain embodiments, the transfer of medical images, records, files, medical system messages, and/or examinations involves the use of central authentication through a main server system, a web-based work flow management system, and/or a smart local client server system. The capability of electronically transferring medical image and record files not only enables the electronic transfer of such files, but also enables off-site viewing and reporting, off-site backup for redundancy and disaster recovery, and/or other tele-diagnosis and telemedicine scenarios.

In one embodiment, a computer-implemented method for transferring one or more medical files from a source facility to a destination facility over a computer network comprises displaying by a user access point system a list of one or more medical files associated with a user, wherein the one or more medical files are located at one or more medical facilities, receiving by the user access point system a request from the user to transfer one or more medical files from a source facility to a destination facility, scanning by the user access point system an authentication key, wherein the authentication key is generated by a client server system of the one or more medical facilities, given to the user after verifying identification of the user by the one or more medical facilities, and transmitted electronically to a main server, and transmitting electronically by the user access point system the scanned authentication key to the main server, wherein the main server is configured to compare the scanned authentication key to the authentication key received from the client server system, wherein the main server is further configured to initiate transfer of the one or more medical files from the source facility to the destination facility over the computer network based on the authentication, and wherein the user access point system comprises a computer processor and an electronic storage medium.

In other embodiments, a computer-implemented method for transferring one or more medical files from a source facility to a destination facility over a computer network comprises receiving by a main server a request from a user access point system to transfer one or more medical files from the source facility to the destination facility, wherein the request comprises a first patient identifier and a second patient identifier, wherein the first patient identifier is used by the source facility to identify the user and the second patient identifier is used by the destination facility to identify the user, determining by the main server a user identifier associated with the user based on the received request, wherein the user identifier is used by the main server to identify the user, transmitting electronically by the main server a first electronic communication to the source facility to transfer the one or more medical files to the destination facility, wherein the first electronic communication comprises the first patient identifier and the user identifier, wherein the source facility is configured to replace the first patient identifier with the user identifier in the one or more medical files and transfer the one or more medical files to the destination facility based on the first electronic communication, transmitting electronically by the main server a second electronic communication to the destination facility to receive the one or more medical files from the source facility, wherein the second electronic communication comprises the second patient identifier and the user identifier, wherein the destination facility is configured to receive the one or more medical files from the source facility and replace the user identifier with the second patient identifier in the one or more medical files based on the first electronic communication, wherein the user access point system comprises a computer processor and an electronic storage medium.

In other embodiments, a computer-implemented method for transferring one or more medical files from a source facility to a destination facility over a computer network comprises receiving by a user access point system a request from a user to transfer one or more medical files from the source facility to the destination facility, generating by the user access point system an electronic communication based on the request and transmitting the electronic communication to a main server, wherein the main server is configured to generate a unique code based on the request, receiving by the user access point system the unique code from the main server, displaying by the user access point system the unique code, wherein scanning the unique code at the destination facility initiates generation of an authentication message to the main server, wherein the main server is further configured to initiate the transfer of the one or more medical files from the source facility to the destination facility based on the authentication message, wherein the user access point system comprises a computer processor and an electronic storage medium.

In one embodiment, a method of electronically transferring medical files from a source medical facility to a destination medical facility comprises receiving a request to transfer at least one medical file from the source medical facility, wherein the request comprises at least patient information, and a first encryption key for establishing a secure network connection; establishing and/or accessing a secure network connection between the source medical facility and the destination medical facility with coordinated encryption keys and/or paired keys; receiving the at least one medical file from a source database for medical files; transferring the at least one medical file over the secure network connection to the destination medical facility; terminating the secure network connection after said transferring. The method of electronically transferring medical files can also comprise modifying a header portion of the at least one medical file to remove a first patient identification and replace the first patient identification with a second patient identification, wherein the first patient identification is assigned by the source medical facility and the second patient identification is assigned by the destination medical facility. The method of electronically transferring medical files can also comprise modifying the header portion of the at least one medical file to remove a first accession number and replace the first accession number with a second accession number, wherein the first accession number is assigned by the source medical facility and the second accession number is assigned by the destination medical facility; and storing the at least one medical file in a storage database for medical files. The method of electronically transferring medical files can also comprise inserting in the header portion a first accession number to substitute a second accession number existing in the header portion; and storing the at least one medical file in a storage database for medical files. In certain embodiments, the coordinated encryption keys and/or paired keys can be the first encryption key and a second encryption key, wherein the first encryption key is received by the destination facility and the second encryption key is received by the source medical facility.

In other embodiments, the source database is a picture archiving and communication systems (PACS) and/or an image server in the above method of electronically transferring medical files, for example, image files. In the above method of electronically transferring medical files, the source database can also be a radiology information system, wherein the sending further comprises creating an Observation/Results Message (OBX), and/or equivalent message or system communication, or the like, to transmit the medical file, for example, medical report files, from the radiology information system. In the above method of electronically transferring medical files, for example, image files, the storage database can be a PACS and/or an image server. In the above method of electronically transferring medical files, for example, medical report files, the storage database can be a radiology information system, wherein the storing further comprises receiving an OBX, and/or equivalent message or system communication, or the like, to store the medical file in the radiology information system.

In other embodiments, a method of electronically transferring medical files from a source medical facility to a destination medical facility comprises receiving an instruction and/or message and/or other system communication to receive at least one medical file from the source medical facility, wherein the instruction comprises at least patient information, and a first encryption key for establishing a secure network connection; establishing a secure network connection between the destination medical facility and the source medical facility with the first encryption key and a second encryption key, for example, the source medical facility having the second encryption key; receiving the at least one medical file from the source medical facility over the secure network connection; and terminating the secure network connection after said receiving. The method of transferring medical files can also comprise modifying a header portion of the at least one medical file to remove a first patient identification and replace the first patient identification with a second patient identification, wherein the first patient identification is assigned by the source medical facility and the second patient identification is assigned by the destination medical facility. The method of transferring medical files can also comprise further modifying the header portion of the at least one medical file to remove a first accession number and replace the first accession number with a second accession number, wherein the first accession number is assigned by the source medical facility and the second accession number is assigned by the destination medical facility. The method of transferring medical files can also comprise inserting in the header portion a first accession number to substitute a second accession number existing in the header portion; and/or storing the medical file in a storage database for medical files.

In other embodiments, a method of electronically transferring medical files from a source medical facility to a destination medical facility comprises receiving an instruction and/or message and/or other system communication to transfer at least one medical file from the source medical facility, wherein the instruction and/or message and/or other system communication comprises at least patient information, and a first encryption key for establishing a secure network connection; establishing a secure network connection between the source medical facility and the destination medical facility with the first encryption key and a second encryption key; and receiving the at least one medical file from a source database for medical files. The method of electronically transferring medical files can also comprise modifying a header portion of the at least one medical file to add an entry comprising audit trail data to record the transfer of the at least one medical file; transferring the at least one medical file over the secure network connection to the destination medical facility; and terminating the secure network connection after said transferring.

In other embodiments, a system for electronically transferring medical files from a source medical facility to a destination medical facility comprises an instruction management module configured to process an instruction and/or message and/or other system communication to receive at least one medical file from the source medical facility, wherein the instruction and/or message and/or other system communication comprises at least patient information, and a first encryption key for establishing a secure network connection; a communications module for establishing a secure network connection between the destination medical facility and the source medical facility with the first encryption key and a second encryption key, wherein the at least one medical file is transferred over the secure network connection; a filter module configured to modify a header portion of the at least one medical file to add an entry comprising audit trail data to record the transfer of the at least one medical file; and a storage module configured to determine whether to store the at least one medical file in at least a PACS, an image server, a radiology information system, or a hospital information system, wherein the determination is based on a file type of the at least one medical file.

In other embodiments, a method for transferring medical files from a source medical facility to a destination medical facility comprises reviewing a request to transfer at least one medical file from the source medical facility to the destination medical facility; locating the at least one medical file in a database accessible by the source medical facility, wherein the database is at least a PACS, an image server database, a radiology information system, or a hospital information system; sending an approval to a main server system to approve the transfer of the at least one medical file, wherein the sending causes transferring of the at least one medical file from the source medical facility to the destination medical facility, and modifying a header portion of the at least one medical file to remove a first patient identification and replace the first patient identification with a second patient identification, wherein the first patient identification is assigned by the source medical facility and the second patient identification is assigned by the destination medical facility; and receiving an acknowledgement communication indicating that the at least one medical file was transferred between the source medical facility and the destination medical facility. In other embodiments of the above method for transferring medical files, the locating comprises manually, or semi-automatically, or automatically locating the at least one medical file by a film librarian.

In other embodiments, a system for electronically transferring medical files from a source medical facility to a destination medical facility comprises a user interface module configured to receive an approval communication from a user to transfer the at least one medical file, wherein the user manually locates the at least one medical file; a communications module for sending a request to the destination medical facility based on the approval communication, wherein the request comprises at least patient information, and a first encryption key for establishing a secure network connection between the destination medical facility and the source medical facility with the first encryption key and a second encryption key; wherein the sending causes receiving of the at least one medical file at the destination medical facility, and modifying of a header portion of the at least one medical file to remove a first patient identification and replace the first patient identification assigned by the source medical facility with a second patient identification assigned by the destination medical facility. In certain embodiments, the at least one medical file is located semi-automatically or automatically by the system, and the resulting medical files can be displayed to the user for selection and/or approval.

In certain embodiments, the system for electronically transferring medical files from a source medical facility to a destination medical facility comprises storing data in various data fields and/or tags and/or private tags in the electronic data file of the medical files. For example, the data stored may include without limitation a source medical facility identification number, a source medical facility patient identification, a date when the medical file was transferred, a film librarian identification number that authorized the transfer, a destination medical facility identification number, a destination medical facility patient identification, or any other type of data. In certain embodiments, multiple data fields and/or tags and/or private tags are stored in the electronic data file as the medical files are transferred between different medical facilities. In certain embodiments, the various data fields and/or tags and/or private tags can represent a digital fingerprint and/or can be used as a file integrity checkpoint and/or can be used as an audit trail to reconstitute and/or investigate where the medical files have been transferred.

In certain embodiments, a system for electronically transferring medical files from a source medical facility to a destination medical facility comprises a procedure mapping module configured to map, translate, or rename the code and/or name of a medical procedure performed at the source medical facility into the procedure code and/or name used by the destination medical facility. The procedure mapping module can be configured to use a standardized mapping table or a standardized intermediary code system to map, translate, or rename the code and/or name of a medical procedure performed at the source medical facility into the procedure code and/or name used by the destination medical facility. In certain embodiments, there is a mapping table at/for the source medical facility that can be used to map, translate, or rename the code and/or name of a medical procedure performed at the source medical facility into the standardized procedure code and/or name set forth in the standardized mapping table or standardized intermediary code system. In certain embodiments, there is a mapping table at/for the destination medical facility (and/or the main server system) that can be used to map, translate, or rename the standardized procedure code and/or name set forth in the standardized mapping table or standardized intermediary code system into the procedure code and/or name used by the destination medical facility.

In certain embodiments, a computer-implemented method of electronically transferring medical system messages from a source medical facility to a destination medical facility, the method comprises: receiving an instruction and/or communication to receive at least one medical system message from the source medical facility, wherein the instruction and/or communication comprises at least patient information, and a first encryption key for establishing a secure network connection; accessing a secure network connection between the destination medical facility and the source medical facility using paired encryption keys comprising at least the first encryption key; receiving the at least one medical system message from the source medical facility over the secure network connection; and terminating the secure network connection after said receiving.

In certain embodiments, the computer-implemented method for transferring medical system messages, further comprises: analyzing the message type of the at least one medical system message; determining whether the message type is compatible with at least one hospital system at the destination medical facility, wherein the hospital system comprises at least one of a radiology information system, hospital information system, an image server, or other medical system; converting based on said determining the at least one medical system message into a second message type that is compatible with at least one hospital system; and transmitting the converted at least one medical system message to the appropriate hospital system.

In certain embodiments, a computer-implemented method for controlling a permission-based workflow process for transferring medical files from a source medical facility to a destination medical facility, the method comprises: reviewing a request to transfer at least one medical file from the source medical facility to the destination medical facility, wherein the request further comprises a criteria for the at least one medical file; locating medical files in a database accessible by the source medical facility that possibly satisfies the criteria, wherein the database is at least a picture archiving and communication system, an image server database, a radiology information system, or a hospital information system or other medical system; causing to display to a film librarian the located medical files that possibly satisfies the criteria; receiving from the film librarian a selection of at least one of the located medical files; and sending an approval to a main server system to approve the transfer of the at least one selected medical file, wherein the sending causes transferring of the at least one selected medical file from the source medical facility to the destination medical facility.

In certain embodiments, a computer-implemented method for preventing data loss of medical files at a medical facility, the computer-implemented method comprises: receiving notification from at least one of a radiology information system, a hospital information system, a picture archiving and communication system, an image server, and other medical system that a medical file has been created or modified; obtaining the medical file from the at least one radiology information system, hospital information system, picture archiving and communication system, image server, or other medical system; accessing a secure network connection between the medical facility and a storage facility using paired encryption keys; and transferring automatically the medical file from the remote server to the storage facility.

In certain embodiments, a computer-implemented method for transferring and managing medical files at a medical facility to enable teleradiology, the computer-implemented method comprises: receiving at a source medical facility notification from at least one of a radiology information system, a hospital information system, a picture archiving and communication system, an image server, and other medical system that a medical file has been created or modified; obtaining the medical file from the at least one radiology information system, hospital information system, picture archiving and communication system, image server, or other medical system; analyzing the medical file to determine based on a criteria whether to transfer the medical file to a destination medical facility that provides at least one of outsourced radiology film interpretation, analysis, and other medical services; transferring the medical file from the source medical facility to the destination medical facility based on the analyzing. In certain embodiments, the criteria comprises at least a time period for transferring all medical files to the destination medical facility, a time period for storing said medical files at the destination medical facility, a medical expertise required to review the medical file, or an availability of medical professionals at the source medical facility.

In certain embodiments, a computer-implemented method for verifying and approving a government required release form comprises: receiving an electronic copy of an executed government required release form from a patient; analyzing a bar code on the executed government required release form to determine the identity of the patient associated with the government required release form; correlating the identity obtained from the bar code with at least one medical file associated with the identity of the patient; verifying using an optical character recognition module a signature on the executed government required release form with prior signatures stored in a database; and sending an approval communication based on said verifying to a remote server at a source medical facility to allow a transfer of the at least one medical file from the source medical facility to a destination medical facility.

For purposes of this summary, certain aspects, advantages, and novel features of the invention are described herein. It is to be understood that not necessarily all such advantages may be achieved in accordance with any particular embodiment of the invention. Thus, for example, those skilled in the art will recognize that the invention may be embodied or carried out in a manner that achieves one advantage or group of advantages as taught herein without necessarily achieving other advantages as may be taught or suggested herein.

BRIEF DESCRIPTION OF THE DRAWINGS

The foregoing and other features, aspects and advantages of the present invention are described in detail below with reference to the drawings of various embodiments, which are intended to illustrate and not to limit the invention. The drawings comprise the following figures in which:

FIG. 1. is a block diagram depicting a high level overview of one embodiment of a system for managing medical image, medical system messages, and/or record files between medical facilities.

FIG. 1A. is a block diagram depicting a high level overview of one embodiment of a client server system for managing medical image, medical system messages, and/or record files between medical facilities.

FIG. 2. is a block diagram depicting one embodiment of a computer hardware system configured to run software for implementing one or more embodiments of the medical image, medical system messages, and/or record files management system described herein.

FIG. 3. is a block diagram depicting one embodiment of a data network employed by the medical image and record files management system.

FIG. 4. depicts a simplified example of one embodiment of requesting and managing medical image and record files using the medical image and record files management system of FIG. 1.

FIG. 5. depicts a detailed example of one embodiment of requesting and transferring medical image and record files using the medical image and record files transfer system of FIG. 1.

FIG. 6. depicts an example of one embodiment of a screen view associated with requesting medical files through the medical image and record files transfer system of FIG. 1.

FIG. 7. depicts an example of one embodiment of a film librarian interface associated with some embodiments of the medical image and record files transfer system of FIG. 1.

FIG. 8. depicts an example of one embodiment of a screen view associated with approving a request for medical files through the medical image and record files transfer system of FIG. 1.

FIG. 9. depicts an example of one embodiment of a header portion associated with a medical image or medical record file or medical system message.

FIG. 10. depicts an example of one embodiment of a process flow diagram illustrating an example of a medical procedure mapping.

FIG. 11. depicts an example of one embodiment of a process flow diagram illustrating an example of transferring and/or marking a transferred medical file.

FIG. 12. depicts an example transfer summary image.

FIG. 13. is a block diagram depicting a high-level overview of one embodiment of a system for managing medical image, medical system messages, and/or record files.

FIG. 14. depicts an example of one embodiment of a process flow diagram illustrating an example of transferring medical files.

FIG. 15. depicts an example of one embodiment of a process flow diagram illustrating examples of anonymization processes that can be applied to medical files.

FIG. 16. is a block diagram depicting a high-level overview of one embodiment of a system for managing medical image, medical system messages, and/or record files by using a mobile device or computing system of a patient or user.

FIG. 17. depicts an example of one embodiment of screen views associated with a user or patient system for authorizing the transfer of medical files.

FIG. 18. depicts an example of one embodiment of a process flow diagram illustrating an example of authorizing the transfer of a medical file from a patient or user application.

FIG. 19. depicts examples of various modalities for patients or users to control patient identification numbers.

FIG. 20 depicts an example of one embodiment of a process flow diagram illustrating an example of requesting and transferring medical files and/or medical images wherein the transfer request is authenticated using an authentication key.

FIG. 21 depicts an example of one embodiment of a process flow diagram illustrating an example of masking a patient identifier used by a source facility and/or destination facility.

FIG. 22 depicts an example of one embodiment of a process flow diagram illustrating an example of authorizing and/or initiating transfer of one or more medical files from a source medical facility to a destination medical facility upon check-in at the destination medical facility.

FIG. 23 depicts an example of one embodiment of a process flow diagram illustrating an example of transferring patient information from a main server system to a destination medical facility upon check-in at the destination medical facility.

FIG. 24 depicts an example of one embodiment of a process flow diagram illustrating an example of an embodiment for detecting suspicious activity for preventing fraudulent transfer of medical file(s).

DETAILED DESCRIPTION OF THE EMBODIMENTS

Embodiments of the invention will now be described with reference to the accompanying figures. The terminology used in the description presented herein is not intended to be interpreted in any limited or restrictive manner, simply because it is being utilized in conjunction with a detailed description of certain specific embodiments of the invention. Furthermore, embodiments of the invention may comprise several novel features, no single one of which is solely responsible for its desirable attributes or which is essential to practicing the inventions herein described.

As used herein, the terms “images,” “records,” “medical reports” and “medical files” may be used interchangeably, and the foregoing terms comprise without limitation medical images, medical records, medical reports (signed and unsigned), medical files, body dimension data, studies, any type of laboratory reports and/or results, pathology images, reports, and results, hospital notes, consults, or any other type of data, report, or results that are stored in a hospital information system (HIS), and other medical data or other patient data. The foregoing terms can also include without limitation data, reports, and/or results generated in the ambulatory setting, for example, electronic medical record (EMR) to EMR communications, or information transferred, generated, created, and/or accessed in relay health type systems that manage patient communications, and other type of medical messaging and/or communication between any types of systems.

The terms “hospital” or “medical facility” as used herein are interchangeably, and both terms comprise without limitation hospitals, private doctors' offices, medical imaging facilities, clinics, emergency and/or urgent care centers, mobile care centers, medical kiosk stations, computer stations of medical professionals, both at homes and at offices, and other medical facilities. In certain embodiments, the term “medical facility” also comprises retail outlets (both online and physical retail stores), manufacturers, and the like. In certain embodiments, the term “medical facility” also comprises but is not limited to third party individuals, consultants, contractors, and/or outsourcing facilities, for example, NightHawk Radiology Services® or the like.

As used herein the terms “film librarian” and “medical personnel” or “medical professional” are interchangeably used herein, and the foregoing terms comprise but are not limited to personnel that store and control access to patient medical image and/or record files, doctors, nurses, medical staff, physician aids, medical secretaries, physician assistants, or any other medical professional with access and/or authorization to create, locate, and/or match patient medical images and/or record files.

The term “transaction history information” as used herein comprises but is not limited to information about the medical facility that sent the medical file (for example, name of the medical facility, the unique medical facility identification, medical facility contact information); information about the medical facility that received the medical file (for example, name of the medical facility, the unique medical facility identification, medical facility contact information); the medical professionals and/or film librarian involved in the requesting and/or sending of the medical file; the date and time the medical file was received; and other similar information, which may sometimes be referred to or known as transaction history information. In certain embodiments, the foregoing can be used as audit trail data.

As used herein, the interchangeable terms “examinations” and “medical history information” comprise without limitation verbal and/or written physician/medical professional notes, diagnoses, treatments, prescribed drugs or treatments, allergies, reactions, prior or scheduled operations or procedures, instructions, observations, analysis or interpretation of test results, medical images or the like, laboratory and/or test results, or the like.

The terms “Health Level 7” or “HL7” as used herein refer to an ANSI accredited standard developed to allow transfer of data between different systems in healthcare. This standard for transferring data operates at the top level of the open system integration model, or at the application layer. While many medical facilities use this standard, other standards exist. Accordingly, the foregoing terms are broad terms that also refer to other standards for managing data between different healthcare systems, and the systems and methods disclosed herein can be used with, applied to, and/or operate in an environment using HL7 or any other standard for managing data between healthcare system.

The term “Picture Archiving and Communication System” and “PACS” as used herein refer to systems and devices for the acquisition, archival and retrieval of digital images over a computer network, for diagnosis and review at workstations. In certain embodiments, PACS can be configured to interface or communicate directly with a Hospital Information System (HIS) and/or Radiology Information System (RIS) using an HL7 connection. In certain embodiments, a PACS can communicate with a RIS or HIS through a PACS Broker. A PACS broker is a device that allows the PACS to interface with an HIS or RIS. In certain embodiments, a PACS can comprise, without limitation, for example, a worklist broker, an image server, an archive manager; display workstation software, and other components. In certain embodiments, a PACS is connected to an image server.

As used herein, the term “managing,” or “transferring” are broad interchangeable terms, and include without limitation managing, transferring, facilitating the transferring, causing the transferring, having something transferred, sending, transmitting, causing the transmitting, or the like.

The terms “client server system,” “remote server system,” and “medical data transfer server” are broad interchangeable terms, and refer without limitation to computing systems and/or to systems that are involved in the process of processing and/or transferring medical files or the like, and/or controlling a workflow process for processing and/or transferring medical files. In certain embodiments, such computing systems are located at the medical facility and can communicate with the medical facility systems, such as PACS, RIS, HIS, and the like. Alternatively, such computing systems are located at a central facility and/or a hosting facility and/or a third party facility that may be located separate and apart from the medical facility. In certain embodiments, the computing system can act as a virtual remote server system that can communicate with the systems (for example, PACS, RIS, HIS, and the like) at and/or connected to the medical facility that is being served by the remote server system.

It is recognized that the term “remote” may include data, objects, devices, components, and/or modules not stored locally, that is not accessible via the local bus. Thus, remote data may include a device which is physically stored in the same room and connected to the computing system via a network. In other situations, a remote device may also be located in a separate geographic area, such as, for example, in a different location, country, and so forth.

The terms “message,” “medical system message,” and “medical system communication” are broad interchangeable terms, and refer without limitation to information and/or messages sent between and/or to hospital systems, for example, RIS, HIS, PACS, image servers, or other hospital systems. For example, a message can include but is not limited to a HL7 message or other equivalent message or system communications. Other examples of a medical system message may include but are not limited to EMR to EMR communications, or information transferred, generated, created, and/or accessed in relay health type systems that manage patient communications, and other type of medical messaging and/or communication between any types of systems.

The disclosure herein provides methods, systems, and devices for managing, transferring, modifying, converting and/or tracking medical files and/or medical system messages. In certain embodiments, the foregoing may generally be based on requesting medical files at a first medical facility, identifying the requested medical files at a second medical facility, initiating a secure network connection between the first and second medical facility, modifying a header portion of the medical files based on patient identification information created by the first medical facility, and other processing steps.

With the development of new technologies, medical images and/or records are increasingly created and stored electronically. Electronic medical images and records data are in certain instances reviewed by medical personnel on a picture archiving and communication systems (PACS), which are computers and/or networks dedicated to the storage, retrieval, distribution and presentation of medical images and records. Generally, the medical images and records data are stored in an independent format, wherein the most common format for storing medical images, and in some cases medical records, is DICOM (Digital Imaging and Communications in Medicine).

In certain PACS, there is software and/or hardware that prevents doctors from viewing multiple electronic files containing medical images and records wherein the electronic files are associated with different patient identification numbers. Such patient identification numbers, also known as a medical record numbers (MRN), are generally stored in the header portion of the medical images and/or records files. This is generally a safety mechanism that prevents medical professionals from comparing data from two different patients. This mechanism operates effectively when each patient possesses one identification number.

In certain instances, patients have multiple identification numbers because patients often visit multiple hospitals or other medical facilities. For example, patients move from one locality to another; or patients seek second opinions from doctors at different medical facilities; or patients visit different doctors specializing in different medical fields as patients move through various stages of life or treatment. Generally each doctor and/or medical facility has a unique patient identification numbering scheme or system.

Accordingly, a patient's medical images and/or records at one facility are associated with one patient identification number whereas the same patient's medical images and/or records at another facility are associated with a different patient identification number. Therefore, PACS that have the safety mechanism described above prevent medical professionals from conducting a side-by-side review of the medical images and/or records associated with different identification numbers even though the images and/or records correspond to the same patient. A medical professional using a PACS in conjunction with the methods, systems, and devices described herein can conduct a side-by-side review of the medical images and/or records associated with different identification numbers provided, however, that the images and/or records correspond to the same patient.

In one embodiment, medical facilities are equipped with a system that allows each facility to transfer medical files from a source medical facility to a destination medical facility. During the transfer of the medical files, the system is configured to dynamically change or add or modify the patient identification information in the header portion of each medical image and/or record file to the patient identification information that the destination medical facility has assigned to the patient. After changing, adding, or modifying the patient identification information in the header portion, the medical image and/or record files are stored in the medical facilities databases for medical professionals to review and analyze these files through a PACS or other workstation computer. By modifying the patient identification information in the header portion, a PACS or other workstation will recognize that the newly stored files correspond to the patient's previously stored files, and therefore a PACS or other workstation will allow medical professionals to conduct a side-by-side analysis of the newly stored files with the previously stored files.

FIG. 1 is a block diagram illustrating a high level overview of one embodiment of a medical image and record files transfer system 100. In the depicted embodiment, a first medical facility 102 is connected through a network 210 to a plurality of other medical facilities 106, a kiosk system 108, and a main server system 110.

The network 210 may include one or more of internet connections 112, secure peer-to-peer connections, secure socket layer (SSL) connections over the internet, virtual private network (VPN) connections over the internet, or other secure connections over the internet, private network connections, dedicated network connections (for example, ISDN, T1, or the like), wireless or cellular connections, or the like or any combination of the foregoing. In a preferred embodiment, the medical facilities are connected to each other through a mesh network 300 wherein each medical facility is capable of connecting to every other medical facility through an on-demand, and/or ad-hoc, and/or available when needed, and/or non-persistent, permission based SSL or VPN or other secure connections over the internet, as shown in FIG. 3.

At each medical facility, there may be a PACS 114, a radiology information system (RIS) 116, a hospital information system (HIS) 118, an image server, a web interface and/or a film librarian interface 120, a firewall 122, and a client server system 124. PACS 114 allow medical professionals to view medical images and records stored in various systems including in a RIS 116 and/or HIS 118. A RIS is generally used by radiology departments to store, manipulate and distribute patient radiological data and possibly images, and generally comprises patient tracking and scheduling, result reporting, and image tracking capabilities. A RIS can also comprise, without limitation, for example, the capability of creating and editing and finalizing reports and tracking of radiology information, for example, contrast usage, or the like. A HIS is an integrated information system designed to manage the administrative, financial and clinical aspects of a hospital or other medical facility.

In certain embodiments, the client server system 124, as depicted in FIG. 1A, comprises but is not limited to a transfer module 126, a modification module 128, a RIS interface module 130, a HIS interface module 132, a transaction history database 134, and a HIPAA release form (as used herein the term “HIPAA release form” is a broad term that generally refers to any kind of release form requested or/and required by law/statute, government entity, insurance entity, medical facility, medical professional, business entity, private/public entity, or the like) database 136. The transfer module 126 is configured to establish a secure network connection between another medical facility based on instruction information received from the main server system 110. In certain embodiments, the transfer module 126 is configured to establish the secure network connection based on an encryption key received from the main server system 110. The transfer module 126 can establish network connections serially or simultaneously. In certain embodiments, the client server system 124 comprises, or is connected to, or can electronically access a CDROM, DVD, Blu-ray, and/or other media burner for writing data onto, and/or reading data from a CDROM, DVD, Blu-ray disc, and/or other storage media.

The modification and/or filter module 128 is configured to modify the header portion of the medical files received from other medical facilities. In certain embodiments, the modification module 128 is configured to modify the patient identification information stored within the header portion of the medical files, and/or insert the patient identification number used by the medical facility where the client server system is located. In certain embodiments, the client server system 124 obtains the patient identification number to be inserted in the header file from the RIS and/or the HIS systems by using the RIS interface 130 module and/or the HIS interface module 132 and/or other interface modules. In other embodiments, any portion of an electronic file and/or medical system message (such as HL7) may be modified.

The transaction history database 134 is configured to record the date and time of the transfer in or out of the client server system 124, the medical facilities involved in the transfer, the medical files transferred, and other related transfer history data. In certain embodiments, the client server system 124 is configured to allow a medical professional to search and/or retrieve data from the transaction history database 138. In certain embodiments, a medical facility key obtainable from the main server system 110 is necessary in order to gain access and the ability to search and/or retrieve data from the transaction history database 134.

The HIPAA release form database 136 is configured to receive and store HIPAA release forms from the main server system. In one embodiment, the transfer module 126 verifies that a patient HIPAA release form is stored in the HIPAA release form database 136 to determine whether the transfer module 126 is authorized to transfer related medical records to another medical facility. In other embodiments, the main server system 110 is configured to search the HIPAA release form database 140 before displaying a request for medical files on a film librarian interface 120. In certain embodiments, the main server system 110 is configured to attach or link the appropriate HIPAA release form, located within the HIPAA release form database 140, to the request for medical files so as to allow a film librarian to view the release form while reviewing the request for medical files. In other embodiments, a film librarian interface 120 is configured to allow a film librarian to search the HIPAA release form database 136, 140 to determine whether the film librarian is authorized to transfer a medical file to destination medical facility. In certain embodiments, the client server system is configured to allow a medical professional to search and/or retrieve data from the HIPAA release form database 136, 140. In certain embodiments, a medical facility key obtainable from the main server system 110 is necessary in order to gain access and the ability to search and/or retrieve data from the HIPAA release system 136, 140. In certain embodiments, the transaction history database 126 and the HIPAA release form database 136, 140 are different tables within the same database.

Referring to FIG. 1A, in certain embodiments, the client server system 124 is a smart local computer system that resides at the medical facility, and alternatively, the client server system 124 is not located at the medical facility but rather is located at a separate central hosting facility that is accessible by medical professionals. The client server system 124, whether local at the medical facility or at a central hosting facility, can also comprise network connections to the various computer systems within the medical facility. Such network connections allow the smart client server system, for example and among other things, to: establish connections with the main server system 110 and other client server systems 124; encrypt and decrypt data received and sent over a network connection; query PACS, RIS, HIS, and/or image server systems at the medical facility; and/or cause medical files, examinations, and other data to be stored in PACS, RIS, HIS, and/or image server systems at the medical facility. In one embodiment, the system allows for the client server system 124 to interface with medical professionals at the medical facility; and/or control a work flow process for transferring patient medical files, examinations, and other data between medical facilities.

Turning again to FIG. 1, a PACS 114 (or a separate image server) generally stores and archives medical images and/or records using a database or other data repository, for example, a redundant array of independent disks (RAID) system thereby allowing medical professionals to locate and retrieve, receive, access, or accept medical files at a later date. The web interface and/or film librarian interface 120 may take on various forms. In one preferred embodiment, the web interface and/or film librarian interface 120 is a web browser configured to connect and interact with the main server system 110. The web interface enables a medical professional to send a request for medical images and/or records to the main server system 110. The film librarian interface 120 allows medical professionals to receive and review requests for medical images and/or records. The film librarian interface 120 also allows the medical professional to approve or deny requests for medical images and/or records. In one embodiment, the web interface and the film librarian interface 120 do not directly connect to the client server system 124 to ensure network security of the client server 124 and the other medical facility servers. In general, the firewall 122 operates to limit and/or reduce access to files stored within a computer network, such as the local area network (LAN) generally existing at each medical facility, from remotely located machines. In other embodiments, the firewall 122 is within the client server system 124.

A kiosk system 108, or a plurality of kiosks, connects to the network 210 to communicate with the main server system 110, and to allow patients to interact with the main server 110. In certain embodiments, the kiosk system 108 or like systems can be configured, for example, to allow patients to generate requests for medical files to be transferred from one medical facility/medical professional to another medical facility/medical professional, and/or allow patients to provide approval for transferring medical files from one medical facility/medical professional to another medical facility/medical professional. For example, the kiosks 108 allow patients to submit to the main server system 110 HIPAA (Health Insurance Portability and Accountability Act) release forms, which are necessary to allow one medical facility to release medical records to another medical facility. The main server system 110 is configured to connect to the kiosk 108 to receive HIPAA release forms and store the forms in the HIPAA release form database 140 located in the main server system 110. The main server system is configured to verify the receipt of an executed HIPAA release form before releasing medical files, and, in certain embodiments, the main server system 110 is configured to send a copy of the HIPAA release form to the source medical facility such that copy of the form can be stored in the HIPAA release form database 136 at the source medical facility. In certain embodiments, the main server system 110 is configured to transfer an executed HIPAA release form to a destination medical facility for storage.

Generally, the kiosk system 108 comprises a computer having memory and a storage medium, a display, a keyboard, and a network connection. In certain embodiments, the kiosk system 108 comprises a scanner for scanning and creating a digital file of HIPAA release forms received from patients. In other embodiments, the kiosk system 108 comprises an input device configured to allow patients to write and input their signature into the kiosk system 108 thereby providing authorization to release their medical files. In other embodiments, the kiosk system 108 comprises a camera for obtaining a digital image of a patient using the kiosk system 108 thereby allowing for visual verification of the patient that is releasing medical files to another medical facility. In certain embodiments, the kiosk 108 is a home computer, personal computer, handheld device, or other user access point.

The main server system 110 connects to the client server systems 124 at the medical facilities and the kiosk systems 108 through the network 104. In a preferred embodiment, the main server system 110 comprises but is not limited to a web server 142, an authentication module 144, a transfer history database 138, a billing module 146, a HIPAA release form database 140, and a medical facility keys database 148. In certain embodiments, the main server system 110 can be configured, for example, among other things, to: act as a central authentication manager that allows client server systems 124 to communicate with other client server systems 124; control a work flow process for transferring patient medical files, examinations, and other data between medical facilities; build a knowledge database that facilitates the locating and/or transferring of medical files, examinations, and/or other data; and/or enable billing processes for each transfer of medical files, examinations, and/or other data. In certain embodiments, medical facilities encryption keys database 148, the transaction history database 138, and/or the HIPAA release form database 140 are different tables within the same database.

The web server 142 may comprise, for example, an Apache HTTP Server configured to serve web pages and web applications. In a preferred embodiment, the web server 142 operates to provide and interact with the web interface and the film librarian interface 120 at the medical facilities. In other embodiments, the web server 142 operates to provide and interact with patients using a kiosk 108. The web server 142 is configured to receive requests for medical files and direct the request to the authentication module for further processing. Based on the request, the authentication module 144 identifies the medical facility that the request should be sent to and pushes the request through the web server 142 to be displayed on the film librarian interface 120 such that the film librarian can review the request.

If the film librarian approves the request, the approval is sent through the film librarian interface 120 to the web server 142, which directs the approval to the authentication module 144 for further processing. The authentication module 144 then sends a communication to the client server system 124 at the source medical facility, wherein the communication comprises an instruction to send the requested medical files to the destination medical facility. The authentication module 144 also sends a communication to the client server system 124 at the destination module, wherein the communication comprises an instruction to receive the requested medical files from the source medical facility.

In a preferred embodiment, the communication sent by the authentication module 124 to the client server systems 124 at the destination and source medical facilities also comprise a network security key for establishing a secure network connection between the two client server systems 124. In certain embodiments, the client server systems 124 are configured to establish secure network connections sequentially or simultaneously wherein each connection uses a different network security key provided by the main server system 110. In certain embodiments, the security key provided by the main server system 110 is only or is generally valid for one use and/or for a specific period of time. Alternatively, the security key can be recycled after a period of time of non-use, and still be unique or substantially unique to allow for secure communications and/or connections. In certain embodiments, it is the authentication module 144 that determines the number times and/or the expiry of the network security key. If a transfer of medical files fails to occur, the destination and/or the source medical facilities sends a communication to the main server system 110, reporting that the medical image files were never sent and/or received. The authentication module 144, in certain instances, is configured to send another communication to the client server systems 124 at the destination and source medical facilities, wherein the communication comprises a new network security key and an instruction to send/receive the requested medical files.

The authentication module 144 also operates to record the date and time of the transfer authorization, the medical facilities involved in the transfer, the medical files transferred, and other related transfer history data into the transfer history database 138. The authentication module 144 also operates to communication/signal the billing module to bill the appropriate party for the transfer. In a preferred embodiment, the billing module 146 bills the source medical facility for each transfer of medical files. The billing module 146 can also be configured to bill the destination medical facility for each request and/or transfer of medical files into the destination medical facility. The billing module 146 can also be configured to generate a bill/invoice or transmit a bill/invoice over a network connection or through regular mail to any other party, such as an insurance company, third party invoice processing center, or the like. The billing module 146 can be configured to generate and/or transfer bills/invoices on a real time basis substantially with the completion of the transfer of medical files, or on a periodic basis, a batch basis, or the like. The billing module 146 can also be configured to generate a bill/invoice based on a per transaction/transmission basis or a subscription model.

In certain embodiments, the medical facility keys database 148 stores medical facility keys used by medical professionals to access the transaction history database 134 and the HIPAA release form database 136 stored in the client server systems 124 located at the medical facilities.

Computing System

In some embodiments, the computer clients and/or servers described above take the form of a computing system 200 shown in FIG. 2, which is a block diagram of one embodiment of a computing system that is in communication with one or more computing systems 110 and/or one or more data sources 115 via one or more networks 210. The computing system 200 may be used to implement one or more of the systems and methods described herein. In addition, in one embodiment, the computing system 200 may be configured to transfer medical files between medical facilities, including maintaining and storing medical files and executing searching and matching algorithms for identifying relevant medical files to fulfill requests for medical files. While FIG. 2 illustrates one embodiment of a computing system 200, it is recognized that the functionality provided for in the components and modules of computing system 200 may be combined into fewer components and modules or further separated into additional components and modules.

Client/Server Module

In one embodiment, the system 200 comprises a medical files transfer module 206 that carries out the functions described herein with reference to the client server systems or the main server system. The medical records transfer module 206 may be executed on the computing system 200 by a central processing unit 204 discussed further below.

In general, the word “module,” as used herein, refers to logic embodied in hardware or firmware, or to a collection of software instructions, possibly having entry and exit points, written in a programming language, such as, for example, COBOL, CICS, Java, Lua, C or C++. A software module may be compiled and linked into an executable program, installed in a dynamic link library, or may be written in an interpreted programming language such as, for example, BASIC, Perl, or Python. It will be appreciated that software modules may be callable from other modules or from themselves, and/or may be invoked in response to detected events or interrupts. Software instructions may be embedded in firmware, such as an EPROM. It will be further appreciated that hardware modules may be comprised of connected logic units, such as gates and flip-flops, and/or may be comprised of programmable units, such as programmable gate arrays or processors. The modules described herein are preferably implemented as software modules, but may be represented in hardware or firmware. Generally, the modules described herein refer to logical modules that may be combined with other modules or divided into sub-modules despite their physical organization or storage.

Computing System Components

In one embodiment, the computing system 200 also comprises an individual computer, a cloud computing system, a grid computing system, and/or a mainframe computer system suitable for controlling and/or communicating with large databases, performing high volume transaction processing, and generating reports from large databases. The computing system 200 also comprises a central processing unit (CPU) 204, which may comprise a microprocessor. The computing system 200 further comprises a memory 205, such as random access memory (RAM) for temporary storage of information and/or a read only memory (ROM) for permanent storage of information, and a mass storage device 201, such as a hard drive, diskette, or optical media storage device. Typically, the modules of the computing system 200 are connected to the computer using a standards based bus system. In different embodiments, the standards based bus system could be Peripheral Component Interconnect (PCI), Microchannel, SCSI, Industrial Standard Architecture (ISA) and Extended ISA (EISA) architectures, for example.

The computing system 200 comprises one or more commonly available input/output (I/O) devices and interfaces 203, such as a keyboard, mouse, touchpad, and printer. In one embodiment, the I/O devices and interfaces 203 comprise one or more display devices, such as a monitor, that allows the visual presentation of data to a user. More particularly, a display device provides for the presentation of GUIs, application software data, and multimedia presentations, for example. In the embodiment of FIG. 2, the I/O devices and interfaces 203 also provide a communications interface to various external devices. The computing system 200 may also comprise one or more multimedia devices 202, such as speakers, video cards, graphics accelerators, and microphones, for example.

Computing System Device/Operating System

The computing system 200 may run on a variety of computing devices, such as, for example, a server, a Windows server, a Structured Query Language server, a Unix server, a personal computer, a mainframe computer, a laptop computer, a cell phone, a personal digital assistant, a kiosk, an audio player, iPhone, and so forth. The computing system 200 is generally controlled and coordinated by operating system software, such as z/OS, Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Vista, Linux, BSD, SunOS, Solaris, or other compatible operating systems. In Macintosh systems, the operating system may be any available operating system, such as MAC OS X. In other embodiments, the computing system 200 may be controlled by a proprietary operating system. Operating systems control and schedule computer processes for execution, perform memory management, provide file system, networking, and I/O services, and provide a user interface, such as a graphical user interface (GUI), among other things.

Network

In the embodiment of FIG. 2, the computing system 200 is coupled to a network 210, such as a local area network (LAN), wide area network (WAN), or the Internet, for example, via a wired, wireless, or combination of wired and wireless, communication link 215. In a preferred embodiment, the network is a mesh network 300 wherein each computing system is capable of connecting to every other computing system or data source through an on-demand or non-persistent permission based secure socket layer (SSL) or virtual private network (VPN) or other secure connections over the internet, as shown in FIG. 3. The network 210 communicates with various computing devices and/or other electronic devices via wired or wireless communication links. In the embodiment of FIG. 2, the network 210 is communicating with one or more computing systems 110 and/or one or more data sources 115.

Access to the medical files transfer module 206 of the computer system 200 by computing systems 110 and/or by data sources 115 may be through a web-enabled user access point such as the computing systems' 110 or data source's 115 personal computer, cellular phone, laptop, or other device capable of connecting to the network 210. Such a device may have a browser module is implemented as a module that uses text, graphics, audio, video, and other media to present data and to allow interaction with data via the network 210.

The browser module may be implemented as a combination of an all points addressable display such as a cathode-ray tube (CRT), a liquid crystal display (LCD), a plasma display, or other types and/or combinations of displays. In addition, the browser module may be implemented to communicate with input devices 203 and may also comprise software with the appropriate interfaces which allow a user to access data through the use of stylized screen elements such as, for example, menus, windows, dialog boxes, toolbars, and controls (for example, radio buttons, check boxes, sliding scales, and so forth). Furthermore, the browser module may communicate with a set of input and output devices to receive inputs/signals from the user.

The input device(s) may comprise a keyboard, roller ball, pen and stylus, mouse, trackball, voice recognition system, or pre-designated switches or buttons. The output device(s) may comprise a speaker, a display screen, a printer, or a voice synthesizer. In addition a touch screen may act as a hybrid input/output device. In another embodiment, a user may interact with the system more directly such as through a system terminal connected to the score generator without communications over the Internet, a WAN, or LAN, or similar network.

In some embodiments, the system 200 may comprise a physical or logical connection established between a remote microprocessor and an individual computer, a cloud computing system, a grid computing system, and/or a mainframe host computer for the express purpose of uploading, downloading, or viewing interactive data and databases on-line in real time. The remote microprocessor may be operated by an entity operating the computer system 200, including the client server systems or the main server system, an/or may be operated by one or more of the data sources 115 and/or one or more of the computing systems. In some embodiments, terminal emulation software may be used on the microprocessor for participating in the micro-mainframe link.

In some embodiments, computing systems 110 who are internal to an entity operating the computer system 200 may access the medical files transfer module 206 internally as an application or process run by the CPU 204.

User Access Point

In one embodiment, a user access point comprises a personal computer, a kiosk, a laptop computer, a cellular phone, a GPS system, a Blackberry® device, a portable computing device, a server, a computer workstation, a local area network of individual computers, an interactive kiosk, a personal digital assistant, an interactive wireless communications device, a handheld computer, an embedded computing device, iPhone, or the like.

Other Systems

In addition to the systems that are illustrated in FIG. 2, the network 210 may communicate with other data sources or other computing devices. The computing system 200 may also comprise one or more internal and/or external data sources. In some embodiments, one or more of the data repositories and the data sources may be implemented using a relational database, such as DB2, Sybase, Oracle, CodeBase and Microsoft® SQL Server as well as other types of databases such as, for example, a flat file database, an entity-relationship database, and object-oriented database, and/or a record-based database.

Human and/or Electronic Process

FIG. 4 is a simplified example of one embodiment of requesting and transferring medical image and record files using the medical files transfer system of FIG. 1. At block 400 a medical professional at a first medical facility makes a request for at least one medical file by completing a request form through the web interface. The first medical facility is also known as the destination medical facility because the medical file will be transferred to the destination medical facility. In contrast, the medical facility that receives the request for the medical file is also known as the source medical facility.

On the request form, the medical professional provides patient information related to the patient, and medical facility information related to both the destination and source medical facilities. For example, the patient information may comprise, but is not limited to, the patient's name, the patient's identification number at the destination medical facility, the patient's identification number at the source medical facility, the patient's age, sex, disease type, address, date of birth, social security number, or the like. The medical facility information may comprise, but is not limited to, the name of the medical facility, identification number of the medical facility, the location of the medical facility, the division or branch office of the medical facility, the telephone number of the medical facility, or the like. In one embodiment, the PACS, RIS, HIS, and/or other local hospital systems can comprise the same functionality as the film librarian interface such that the PACS, HIS, and/or other local hospital systems can be configured to automatically generate a request for medical files, wherein the request is sent to the main server system an application programming interface (API). For example, a doctor reviewing medical files on a PACS can in-context (meaning while reviewing medical files for a particular patient) generate a request for related medical files that are available at other medical facilities by using the interface of the PACS. In certain embodiments, the generated request from PACS, RIS, HIS, and/or other local hospital systems can submitted, transmitted, and/or communicated through a http:// or https://connection, or URL request/message, internet connection, wireless connection to the main server, the client server system, and/or the film librarian interface system. In certain embodiments, the generated request from the PACS, RIS, HIS, and/or other local hospital systems can be transmitted, communicated, and/or submitted through a messaging protocol (for example, HL7) over any kind of network.

The web interface sends the patient information and the medical facility information to the main server, wherein the main server system determines where the request should be sent. After identifying the appropriate medical facility (the source medical facility) to send the request, the main server system at block 404 sends the request to the film librarian interface corresponding to the source medical facility.

In a preferred embodiment, the film librarian or other medical personnel at block 406 reviews the request on the film librarian interface, and attempts to locate and match the patient name and source patient identification number provided in the request form. In certain circumstances, the medical professional searches a PACS, a RIS, a HIS, or the like to locate medical files associated with the information provided in the request form. In certain embodiments, the system semi-automatically and/or automatically conducts a search and/or matches the patient name and source patient identification number provided in the request form and/or searches a PACS, a RIS, a HIS, or the like to locate medical files associated with the information provided in the request form. In certain embodiments, the system presents or causes to display match information (for example, exact and/or near matches) to the film librarian for review and/or approval and/or selection. The medical professional then determines whether the source medical facility possesses medical files corresponding to the provided patient information.

If the medical professional locates and matches the provided patient information with medical files at the source medical facility, the medical professional approves the request form by interacting with the film librarian interface. The film librarian interface sends the approval communication as well as the matching information to the main server at block 408. The matching information can comprise but is not limited to the patient identification number assigned by the source medical facility, and/or names or other identifications to locate the requested medical files. At block 410, the main server system then instructs the client server system at the source medical facility to send, transmit, or transfer the appropriate medical record files to the client server system located at the destination medical facility. At block 412, the main server system also instructs the client server system located at the destination medical facility to receive, access, accept, or retrieve the appropriate medical files from the client server system at the source medical facility.

In other embodiments, the main server system stores or saves the matching information for future use. For example, if a future request is received by the main server system, and the request comprises substantially the same or similar patient information and/or medical files/examinations, and/or MRN's, the main server system can be configured to automatically match and/or locate the requested medical files based on the previously saved matching information and/or user-configurable matching criteria and/or other algorithm. For example, the main server system can be configured to build over time a knowledge database of matching patient identification numbers, MRN's, locations of medical files/examinations, or the like. In certain embodiments, the knowledge database is generated or updated periodically or in real time based on data mining of the Transaction History Database or by querying various attached and/or connected client server systems at medical facilities. Using the knowledge database, the main server system can be configured to send, transfer, or cause to display a listing of all or substantially all the medical files/examinations at all or substantially all the medical facilities equipped with a client server system. For example, for a specific patient identification number used by one medical facility, the main server system can be configured to generate a listing of all known patient identification numbers assigned to the patient at other medical facilities, and generate a listing of all or substantially all known medical files/examinations available at the various medical facilities. In certain embodiments, the knowledge database is generated from data received and/or stored in the client server system. In other embodiments, the main server system is configured to generate the listing information by retrieving the patient information from the multiple client server systems in real time or periodically based on a batching process.

In other embodiments, the locating and matching is performed automatically by the main server system or the client server system, and not by a medical personnel operating through a film librarian interface. In this embodiment, the main server system is configured to send a request for medical files to the client server system at the source medical facility. The client server system automatically attempts to match and/or locate the medical files associated with the patient information provided in the request form via user-configurable matching criteria and/or other algorithm. In searching for the medical files, the client server system connects to the medical facility's PACS, image server, RIS, HIS, or other database system where patient medical files are stored.

If a match that satisfies a minimal threshold is found, then the request form is approved automatically by the client server system, and/or may be presented, displayed to the film librarian for approval, and a communication is sent back to the main server. The main server system then instructs the client server system at the source medical facility to send the appropriate medical record files to the client server system located at the destination medical facility. The main server system also instructs the client server system located at the destination medical facility to receive the appropriate medical files from the client server system at the source medical facility.

Accession Number Creation

To track medical files received at a destination medical facility, accession numbers are created for each medical file received. The accession number not only tracks the medical file within a medical facility, but also an accession number is used to link related portions of a medical file that are related but stored in different databases. For example, an accession number can link a medical image stored in the image database with a corresponding doctor's report that is stored in a RIS and/or HIS system because the same accession number has been stored in the header portion of both medical image file and the doctor's report file.

In one embodiment, after the medical file has been transferred from the source medical facility to the destination medical facility, the client server system directly creates an accession number in the RIS and/or HIS and/or PACS systems at the destination medical facility, wherein the accession number relates to the medical files that have been received. In other embodiments, the accession number is created before the medical files have been transferred but after the client server has instructed by the main server system to receive medical files from another medical facility.

In one embodiment, the process of creating an accession number occurs directly between the client server system and the RIS and/or HIS and/or PACS system when the client server system has full and open access to the RIS and/or HIS and/or PACS systems. Where the client server system does not have full and open access to the RIS and/or HIS and/or PACS system, the client server system, in certain embodiments, is configured to create an Order Message (ORM), or equivalent message or the like, that is sent to the RIS and/or HIS and/or PACS systems, which causes the RIS and/or HIS and/or PACS systems to create an accession number for the medical files that were received, and returns the accession number to the client server system.

In the HL7 Standard, an ORM message is any request for materials (for example, 500 ml of 2.5% saline) or services (for example, a range of motion study, an EKG, a lipid panel, and the like). Orders are usually for a particular patient. The transmission of clinical orders occurs between the application placing the order (the placer) and the clinical application filling the order (the filler). Accordingly, the placer in this embodiment is the client server system at the destination medical facility and the filler is the RIS and/or the HIS system at the medical facility.

Header Modifications and Image Conversions

The client server system at the destination medical facility is configured to modify the header portion of the medical files to ensure that the medical files are compatible with the patient identification numbering system, and the other systems at the destination medical facility. In certain embodiments, the client server system modifies the header portion of the medical files by removing, modifying, substituting, or, adding the patient identification number that corresponds to the source medical facility and inserts, modifies, substitutes, or, adds the patient identification number utilized by the destination medical facility.

In certain embodiments, the client server obtains the patient identification number from the RIS and HIS systems associated with the destination medical facility. In some embodiments, the client server obtains the patient identification number from the main server system. In certain embodiments, the main server system provides this information while instructing the client server system at the destination medical facility to receive, retrieve, access, or accept medical files from the source medical facility. In other embodiments, the client server system at the source medical facility modifies the header portion of the medical files to comprise the patient identification number provided by the destination medical facility, wherein such modification at source medical facility can occur prior to the transfer of the medical file from the source to the destination medical facility.

In some instances, the destination medical facility provides the patient identification number directly to the source medical facility. In other instances, the patient identification number is provided to the source medical facility by the main server system. In other instances, the client server system at the source medical facility is configured to transfer a raw medical data file without a header portion, wherein the client server system at the destination medical facility is configured to add a header portion comprising information compatible with the PACS and other systems of the destination medical facility.

In certain embodiments, the client server system at the destination medical facility is configured to confirm the medical files into a format that is compatible for the PACS and other systems at the destination medical facility. For example, the client server system is configured to convert a DICOM medical image file into a JPEG medical file. Alternatively, the client server system may convert a DICOM medical image file with the image compressed in JPEG2000 to a format compatible with the target PACS or other system such as a DICOM image compressed in standard JPEG.

The client server system and/or the remote server system is configured to store the received medical files and/or examinations in the PACS, image server, RIS and/or HIS systems at the destination medical facility. A medical professional can then retrieve and view the medical files from the PACS, RIS and/or HIS systems at the destination medical facility. In certain embodiments, a user at the destination medical facility can view medical files obtained from the source medical facility side-by-side with the medical files from the destination medical facility. In certain embodiments, the client server system is configured to also store the received medical files in a patient data database within the client server system to enable medical professionals to retrieve and/or review medical files and/or examinations directly from the client server system without retrieving the information from the PACS, image server, RIS, and/or HIS systems. The client server system can be configured to store the medical files and/or examinations indefinitely or for a temporary period of time, for example, minutes, hours, days, months, or years. In certain embodiments, the client server system can be configured to control, store and/or remove medical files and/or examinations based on a policy that can be fixed and/or amended.

Transaction History Information

In one embodiment, the client server system comprises a transaction history database for tracking the transfer history of medical files. For example, the client server system is configured to record in the transfer history database the transfer of every or substantially every medical file that is transferred in and/or out of its medical facility, and such information is known as transaction history information as defined above. In certain embodiments, the transaction history information is associated and/or is assigned a unique identifier in a lookup table or the like so that the foregoing information can be recalled based on the unique identifier. The unique identifier or a reference tag is then embedded or written or stored in the header of the medical file to a form an audit trail thereby allowing medical professionals or others to later determine the origins of the file.

In certain embodiments, the client server system is configured to decipher or interpret at least a part of the foregoing unique identifiers. For example, the client server system can identify the medical facility that created the unique identifier. Based on that information the client server system and/or a medical professional can search or request to have searched the transfer history database of the medical facility that created the unique identifier to obtain the transfer history information associated with the medical file.

Instead of storing a unique identifier in the header portion of a medical file, in another embodiment, the transaction history information itself is written or added into the header portion of the medical file as text or in another data format every time or substantially every time the medical file is transferred from one medical facility to another thereby creating an audit trail. If transaction history information is in text, the transaction history information can be written with or without tags (for example, XML, HTML, and the like). In certain embodiments, the PACS or other system is configured to allow a medical professional to review and analyze the transaction history information stored in the header portion of the medical file, using a header viewer system.

In other embodiments, the client server system is configured to analyze, interpret, normalize, and/or filter the transaction history information in the header portion of a medical file, and directly store the information in RIS and/or HIS systems when the client server system has direct and open access to the RIS and/or HIS systems. In other embodiments, where the client server system does not have open and direct access to the RIS and/or HIS system, the client server system creates an Observation/Results Message (OBX), or equivalent message, system communication, or the like, comprising the transaction history information and an accession number, and sends the OBX message, or equivalent message, system communication, or the like, to the RIS and/or HIS systems which accepts and processes, and stores the message. Normalizing, as used herein, can comprise but is not limited to a method or system of analyzing the data, extracting certain recognized data elements, and assigning those data elements to a particular related data field used by the system.

In other embodiments, the transaction history information is transferred in the data portion of a medical file instead of the header portion of a medical file. The transaction history information can be stored as text in the data portion of the medical file with or without tags (for example, XML, HTML, and the like), or the transaction history information can be stored as an image in the data portion of the medical file. If stored as an image file, then the client server system is configured to modify the header portion of this medical file as disclosed herein and store the medical file in the PACS and/or image server.

In certain embodiments, the PACS and/or other systems are configured to allow a medical professional to review and analyze the transaction history information stored in the data portion of the medical file as a normal medical image or record file. PACS and/or other systems can also be configured to compare and/or review the transaction history information as an image with other medical files because the patient identification numbers do not conflict and/or are the same after the client server system inserts, overwrites, amendments, adds, and/or modifies the correct patient identification number to the header portion of the medical files.

In any transfer of medical files and/or examinations, there may be multiple series of medical files, images, reports, and/or examinations in the set. For example, a set may include without limitation a series of scout views, a series of brain window images, a set of bone window images, and/or the like. In certain embodiments, a transaction history information summary image 1200 may appear with separate series and/or set. For example, as illustrated in FIG. 12, a transaction history information summary image 1200 can be displayed at the beginning, the end, and/or at any other point of each series. In other embodiments, the transaction history summary images 1200 may appear at the beginning, end, and/or at any other point in the set. In other embodiments, the client server system is configured to analyze, interpret, filter the transaction history information in the data portion of a medical file, normalize the transaction history information, and store the normalized transaction history information in RIS and/or HIS systems at either a destination or source medical facility.

If the transaction history information is stored as text in the data portion of a medical file, then the client server system is configured to analyze, interpret, normalize, and/or filter the transaction history information in the data portion of a medical file, and directly store the information in RIS and/or HIS systems when the client server system has direct and open access to the RIS and/or HIS systems. In certain embodiments, the storing of the transaction history information in the RIS and/or HIS systems occurs by inserting the information into specific related entry fields when the client server system has open and/or complete access to the RIS and/or HIS systems.

In other embodiments, where the client server system does not have open and direct access to the RIS and/or HIS system, the client server system creates an OBX message, or equivalent message, system communication, or the like, comprising the transaction history information and an accession number, and sends the OBX message, or equivalent message, system communication, or the like, to the RIS and/or HIS systems which accept and process, and stores the message. Normalizing, as used herein, can comprise but is not limited to a method or system of analyzing the data, extracting certain recognized data elements, and assigning those data elements to a particular related data field used by the system. and/or the RIS/HIS systems as a medical file. The OBX, or equivalent message, system communication, or the like, can comprise at least the patient identification number used by the destination medical facility, the accession number and the transaction history information and the name of the medical file associated with the transaction history information.

In the HL7 Standard, an OBX is a message used to transmit a single observation or observation fragment. One mission of an OBX is to carry information about observations and results. Sometimes, the OBX segment is found as a part of an order message (ORM or RDE). In this case, the OBX carries clinical information needed by the receiving system. For example, an OBX is needed to report the menstrual phase information which should and/or could be included on an order for a pap smear to a cytology lab. The OBX message or segment can be used to contain encapsulated data, for example, a PDF document, a CDA document or a DICOM image or any of the MIME (Multimedia Internet Mail Extension) support formats such as JPEG, GIF, FAX, and the like. If the actual observation value is not sent in an OBX but exists somewhere else, the OBX message or segment can contain a reference pointer. The reference pointer can be a hyperlink which the receiving system would use to access the observation information, document, or image. The OBX segment can be used to transmit patient clinical information in a variety of formats.

In other embodiments, the client server system is configured to transfer the transactional history information by electronic mail after receiving instructions from the main server system.

Medical History Information

Transaction history information differs generally from medical history information as is defined above. In certain embodiments, the medical history information is transferred from one medical facility to another in the data portion, as opposed to the header portion, of a medical file using the various transfer methodologies described herein. The client server system at a destination medical facility is configured to receive to the medical file comprising the medical history information. In some instances, the medical history information is stored as text with or without tags (for example, XML, HTML, and the like); however, the medical history information can also be stored as an image.

If the medical history information is stored as text, then the client server system at the destination medical facility is configured to analyze, interpret, normalize, and/or filter the medical file comprising the medical history information, and/or directly store the medical history information into the MS and/or the HIS system located at the destination medical facility. In certain embodiments, the storing of the medical history information in the MS and/or HIS systems directly occurs by inserting the information into specific related entry fields when the client server system has open and/or complete access to the RIS and/or HIS systems.

If the client server system does not have open and/or complete access to the RIS and/or HIS systems, the client server system, in some instances, is configured to create OBX, and/or equivalent message or system communication or the like, comprising the medical history information, and sends the OBX, and/or equivalent message or system communication or the like, to the RIS and/or HIS systems such that the medical history information can be stored in the RIS and/or HIS systems at the destination medical facility. The OBX, and/or equivalent message or system communication or the like, can comprise at least the patient identification number used by the destination medical facility, the accession number, and the medical history information.

If the medical history information is stored as an image, then the client server in certain embodiments stores the image in the PACS and/or image server or RIS or HIS, assuming the target system can accept image data. The client server system is configured to modify the header portion of the medical file that comprises the medical history information by inserting or adding to the header portion the patient identification number used by the destination medical facility. In certain embodiments, the client server system is configured to directly store the modified medical file comprising the medical history information in the PACS and/or image server. In other embodiments, the client server system is configured to directly store the modified medical file in RIS and/or HIS systems where the client server system has direct and/or full access to those systems. If the client server system does not have direct and/or full access to those systems, then the client server system creates an OBX, or equivalent message, system communication, or the like, that can comprise the image, and sends the message to the PACS, RIS and/or HIS systems for processing and storage. Medical professionals with access can use PACS, RIS, and/or HIS systems thereafter to view the medical file side-by-side with other medical files for that patient stored at the medical facility because the patient identification numbers stored in the header of the medical files do not conflict and/or are the same.

In the foregoing embodiment, the medical history information can also be inserted into the header portion of the medical file instead of the data portion of a medical file. The client server system at a destination medical facility is configured to receive to the medical file comprising the medical history information in the header portion of the medical file. In some instances, the medical history information is stored as text with or without tags (for example, XML, HTML, and the like). In certain embodiments, the client server system at the destination medical facility is configured to analyze, interpret, normalize, and/or filter the header portion comprising the medical history information, and/or directly stores the medical history information into the RIS and/or the HIS systems located at the destination medical facility where the client server system has direct and/or full access to those systems. If the client server system does not have direct and/or full access to those systems, then client server system creates an OBX, or equivalent message, system communication, or the like, that comprises the medical history information, and sends the message to the RIS and/or HIS systems for processing and storage.

In other embodiments, the client server system is configured to transfer the medical history information by electronic mail after receiving instructions from the main server system.

FIG. 5 depicts a detailed example of one embodiment of requesting and/or transferring medical image and/or record files using the medical image and record files transfer system of FIG. 1. At block 502, a medical professional enters a request for an exam or medical file by using the request form interface as illustrated, for example, in FIG. 6. As disclosed herein, the request form interface can take on various forms, and preferably, the request form interface is a web interface accessible from most any computer or device with network access to the web server in the main server system. The information provided by the medical professional comprises but is not limited to facility location, patient name, date of birth, last four digits of the patient's social security number, DL, approximate date of examination and/or medical file creation, examine type, body part examined, and the like.

Concurrently or sequentially, at block 504 patient completes and submits a HIPAA release form. A patient can use a kiosk system, or other user access point at the destination medical facility (or at some other location) completes and/or submits a HIPAA release form for allowing the requested medical files to be released. In certain embodiments, there is a unique bar code on the HIPAA release form to uniquely identify the HIPAA release form or to associate the HIPAA release form to a particular patient. In certain embodiments this HIPAA release form may be computer generated and downloadable from the internet or in other embodiments may be printed by the kiosk. As disclosed herein, the kiosk system or a hospital/medical facility workstation attached and/or electronically connected to the client server system can accept a paper form completed by the patient. After accepting the HIPAA release form, the kiosk can scan and/or OCR the paper form (into a PDF, TIFF, or other document/image file format) at block 506, and identify the bar code or other information on the form. In certain embodiments, the bar code is already associated with the patient, in which case, the kiosk can associate the scanned paper form with the correct patient and transfer the scanned paper form to the main server system for storage in the HIPAA release form database. In certain embodiments, the bar code is not already associated with the patient, in which case, the kiosk system instructs that the user input identification information (name, contact information, username, and/or identification code, or the like), and kiosk system verifies the information with the main server system. If the patient information is verified, then the kiosk system associates the patient identity (for example, the main server system's unique identifier, the patient identification at the source medical facility, the patient identification at the destination medical facility, or the like).

Alternatively, at block 508, the HIPAA release form can be faxed to an electronic facsimile (fax) system or other computer system that can digitize and process the fax. At block 510, the fax system can have OCR integrated into the system so that the fax system can read, interpret, and/or decipher the bar code on the HIPAA release form, thereby allowing the fax system to automatically associate the faxed HIPAA release form with the proper patient and/or request.

Alternatively, the kiosk system can allow the patient to complete the form electronically via the interface on the kiosk system. In certain embodiments, the kiosk system is configured to comprise a signature pad, wherein the patient can write or input his signature to be electronically stored in a database at the kiosk system, or in the main server system, or in the client server system at a medical facility, or printed on to a HIPAA release form. To verify the identity of the patient, the signature can be compared to prior signatures on file by the main server system or by the film librarian. The kiosk can also comprise a webcam or other video/photo input device for capturing a video or photographic image of the patient using the kiosk. The video or photographic image can be used by the film librarian to verify the identity of the patient.

In other embodiments, the kiosk system is a computer accessible by the patient, or other device accessible by the patient, such as but not limited to a handheld computer with network access to the main server system. Such computers or devices can include without limitation all or some of the features of the kiosk set forth above. Alternatively, the patient and/or the medical professional can fax, email, or otherwise transfer the HIPAA release form to the main server system for storage in the HIPAA release form database.

As disclosed herein, the main server system receives the executed HIPAA release form and the request for medical files, and matches the HIPAA release form to the request by optical character recognition (OCR) software, corresponding bar codes, or other methodology of linking the form with the request. At block 512, the main server system stores the request for medical files in the transfer history database and stores the HIPAA release form in the HIPAA release form database. At block 514, using the various methods and systems disclosed herein, the main server system displays the request for medical files on a film librarian interface at the appropriate source medical facility. At block 516, a film librarian at the source medical facility reviews the request for medical files, and at block 518 uses the RIS and/or HIS interfaces available to the film librarian to identify the patient and at block 520 to locate the requested examination or medical files.

In certain embodiments, the main server system is configured to compare, using OCR software or other recognition software, the signature on the HIPAA release form to signatures previously received, stored, or recorded in the HIPAA release form database to verify the identity of the patient. The main server can also compare the photographic image or video with previously stored photographic images or videos to verify the identity of the patient. The foregoing verification steps can also be completed by the film librarian.

At block 522, if no examination or medical files that correspond to the information in the request form exist or are available, then the film librarian selects the option “no films were available” using the film librarian interface. At block 524 and 526, the response is then sent from the film librarian interface to the main server system, and the main server system displays the response on the film librarian interface at the destination medical facility, notifying the medical professional that the requested medical record file could not be found. Alternatively and/or additionally, the main server system is configured to send an email or other notification to the medical professional that created the request for the medical file. In certain embodiments, the email can be encrypted and/or protected using other secure protocols and/or means for protecting the confidential data within the email. The email can also be configured to comprise a hyperlink to a secure website (for example, requiring a username and password, encryption key, authentication and/or the like) in order to obtain, retrieve, and/or review the confidential data and/or information.

If the examination or medical files that correspond to the information in the request form do exist or are available, then the film librarian selects the option “approve” using the film librarian interface. In certain embodiments, at block 528 the film librarian interface displays the approval form wherein the film librarian enters the medical record number (MRN) into the approval form as disclosed herein and submits the information. The approval information is sent to the main server system, and the main server system sends the information to the client server system at the source system to perform a search for the medical files corresponding to the MRN's provided by the film librarian. For example, at block 530 the client server system at the source medical facility performs on a PACS and/or an image server at the source medical facility a DICOM query for examinations related to the MRN's provided by the film librarian.

If the medical records are located at the source medical facility, the main server system is notified and at block 532 the main server system displays on the librarian interface at the source medical facility the information relating to the medical files located at the source medical facility. Using the film librarian interface at block 534, the film librarian selects the examination and/or the medical files appropriate for transfer to the destination medical facility. These selections are sent from the film librarian interface and sent to the main server system, and at block 536 the main server system sends the information to film librarian interface at the destination facility so as to notify the medical professional that requested the medical files. Alternatively and/or additionally, the main server system is configured to send an email or other notification to the medical professional that created the request for the medical file.

The main server system also sends the information about the located medical files to the client server system at the destination medical facility. In certain embodiments, at block 538 the client server system performs a check to determine whether the PACS, RIS and/or HIS systems or other medical systems at the destination medical facility have ORM, and/or equivalent message or system communication or the like, capabilities.

If there are no ORM capabilities, and/or equivalent order capabilities, and/or other electronic order creation capabilities, the client server system at block 540 sends a communication to the main server system, and the main server system relays the communication to the film librarian interface the destination medical facility, instructing the film librarian to manually create an order, and/or a no read order, in the RIS and/or HIS system at the destination medical facility. The RIS and/or HIS system creates an accession number to be associated with the medical files being transferred to the destination medical facility. The film librarian at the destination facility is then presented with a list of exams available for the selected patient. This list may aggregate available studies from multiple medical facilities or may present only studies from one source medical facility, based upon whether the initial request was to one or multiple facilities or all known facilities. The destination film librarian can then select the exams and/or medical files that are appropriate and desired for transfer. At block 542, for the each exam and/or medical files selected for transfer, the destination film librarian uses the film librarian interface to select the request at issue and inserts the accession number in the request form. The film librarian interface sends that information to the main server system, and the main server system sends the information to the client server system at the destination medical facility.

If there are ORM, and/or equivalent message or system communication or the like, capabilities, the film librarian at the destination facility can then be presented with a list of exams available for the patient. This list may aggregate available studies and/or medical files from multiple medical facilities or may present only studies and/or medical files from one source medical facility, based upon whether the initial request was to one or multiple medical facilities. At block 544, the destination film librarian can then select the exams and/or medical files that are appropriate and desired for transfer. At block 546, the client server system can then create an ORM, and/or equivalent message or system communication or the like, and sends it to the RIS and/or HIS system at the destination medical facility for each exam selected. The RIS and/or the HIS system receives the ORM, and/or equivalent message or system communication or the like, creates and accession number to be associated with each of the medical files, and returns to the client server the accession number for each file. In one embodiment, at block 548, the client server system retrieves the accession number from the RIS and/or HIS system after each ORM, and/or equivalent message or system communication or the like, has been sent.

In certain embodiments, the film librarian and/or the medical professional that created the request for the medical files selects the desired medical files from those that are available, and such selection is made through the film librarian interface in some instances. In other embodiments, the medical files are automatically transferred from the source destination medical facility.

In certain embodiments, after the accession number has been created and has been obtained by the client server system at the destination medical facility, the client server system sends a communication to the main server system, and at block 550 the main server systems sends a communication to the client server system at the source medical facility, wherein the communication comprises an instruction to initiate a network connection with the destination medical facility and send the requested medical files to the destination medical facility.

In certain embodiments, the communication comprises without limitation, the instruction to retrieve selected medical files from a PACS, and/or an image server, HIS system, and/or RIS system, instructions to transfer medical files to the destination medical facility, the medical record number, the patient identification number used at the source medical facility, the medical facility identification number of the destination medical facility, the network location of the client server system at the destination medical facility, and/or a network key/encryption key for establishing a secure network connection with the client server system at the destination medical facility. In certain embodiments, the network key/encryption key is only valid and/or usable for a specific period of time, and/or can only be used once. Alternatively, the network key/encryption key can be recycled and/or reused after a period of non-use.

A similar communication is sent from the main server system to the client server system at the destination medical facility, wherein the communication comprises an instruction to accept and/or establish a network connection with the source medical facility to receive the requested medical files from the source medical facility.

In certain embodiments, the communication to the client server system at the destination medical facility comprises without limitation, the instruction to locate the accession number to be associated with the medical files, instructions to receive the medical files from the source medical facility, the patient identification number used at the destination medical facility, the medical facility identification number of the source medical facility, the network location of the client server system at the source medical facility, and/or a network key/encryption key for establishing a secure network connection with the client server system at the source medical facility.

In other embodiments, the client server system is configured with an interface device for receiving medical files from a portable storage media instead from the source medical facility through a network connection. For example, a portable storage media may comprise but is not limited to a CDROM, DVD-R, Blu-ray, USB or other memory stick, floppy diskette, a magnetic tape, or the like. In other embodiments, the client server system is configured with or is connected to an email server, wherein the client server system is configured to receive medical files through email as an attachment or a link to a network storage server or the like.

After the medical files have been received by the client server system at the destination medical facility, at block 552 the client server system, in certain embodiments, is configured to modify the header portion of the medical file to insert or add data as disclosed herein. For example, the client server system can be configured to insert or add or replace as appropriate the following information into the appropriate fields of the header portion of transferred medical files: the new medical record number used by the destination medical facility, the new accession number used by the destination medical facility, the patient identification number used by the destination medical facility, the transaction history information to record the transfer of the medical record file from the source to the destination medical facility; the old accession number used by the source medical facility, the old accession number used by the source medical facility, or any other information.

At block 554 and block 556 the client server system is configured to then store the medical record files in the appropriate database. For example, if the medical record is a DICOM image then the client server system may be configured to store the medical file in the PACS and/or image server at the destination medical facility. In other instances the medical file is a text file or a PDF file comprising a report or analysis of a medical image file, and the client server system is configured to store the medical file in the PACS, RIS and/or the HIS and/or other system at the destination medical center. As disclosed herein, the storing of the medical file in the RIS and/or the HIS system can occur directly between the client server system and the RIS/HIS system, or by the client server system creating an OBX, and/or equivalent message or system communication or the like, comprising the medical file and sending the OBX, and/or equivalent message or system communication or the like, to the RIS/HIS system for processing and storage.

In other embodiments, the client server system at the source medical facility sends the requested medical files to destination medical facility. After receiving the medical files, the client server system at the destination medical facility creates an ORM, and/or equivalent message or system communication or the like, and sends it to the PACS, RIS and/or HIS or other medical system to generate an accession number for each exam received. The PACS, RIS and/or HIS or other medical system receives the ORM, and/or equivalent message or system communication or the like, creates the accession number to be associated with each of the medical files, and returns it to the client server. The client server at the destination medical facility modifies, inserts, replaces the accession number in the header of the medical file with the newly generated accession number received by the client server system.

FIG. 6 depicts an example of one embodiment of a screen view 600 of the request form interface associated with requesting medical files through the medical image and record files transfer system of FIG. 1. The screen view can take on various forms, such as an HTML-based web interface, a java applet, a Windows interface, or the like. As disclosed herein, the requesting screen view is connected to the main server system through the network.

In this requesting screen view 600, the medical professional at the destination medical facility provides information related to the medical files being requested. For example, the information may comprise but is not limited to institution state 602, institution name 604, patient name 612, 614, 616, the patient identification number used by the source medical facility 608, the patient identification number used by the destination medical facility 610, the date of birth of the patient 618, the patient phone number 620, the medical files being requested (for example, by description, by accession number, by date and type) 628, and at least a portion of the patient's social security number 622. The medical professional can also insert notes 628 to be viewed by the film librarian at the source medical facility. After completing the requesting form, the medical professional selects the submit button 626 and the request is sent to the main server system.

FIG. 7 depicts an example of one embodiment of a film librarian interface 700 associated with some embodiments of the medical image and record files transfer system of FIG. 1. The screen view 700 can take on various forms, such as an HTML-based web interface, a java applet, a Windows interface, or the like. As disclosed herein, the film librarian interface screen view is connected to the main server system through the network.

In this film librarian interface screen view 700, the film librarian at the source medical facility is provided information related to incoming requests 702 for medical files as well as the status of outgoing requests 704 for medical files that were created by medical professionals at the source medical facility. For example, in the top portion of the screen, the film librarian is presented with incoming requests 702 for medical files from various medical facilities. The film librarian can scroll 706 through the incoming requests wherein certain information is displayed, such as the unique identification number of the request 708, the date and time of the request 710, the requesting institution 712, the city 714, state 716, and status of the request 718, or the like. For example, the status of a request could be but is not limited to new, approved, denied, and not found. The film librarian can click on any one of the requests to review the detailed information about the request.

The film librarian can utilize the request information displayed on the film librarian interface 700 to cross reference with other database interfaces accessible at the source medical facility to search for the requested medical files. If the film librarian does not locate the medical files, the film librarian can select the files not found button. If the film librarian does locate the records but the HIPAA release form cannot be located or is invalid, then the film librarian can select the denied button. If the film librarian does locate the records and the HIPAA release form can be found and/or is valid, then the film librarian hits the approve button, which launches a new screen window as shown in FIG. 8.

FIG. 8 depicts an example of one embodiment of a screen view 800 associated with approving a request for medical files through the medical image and record files transfer system of FIG. 1. The screen view 800 can take on various forms, such as an HTML-based web interface, a java applet, a Windows interface, or the like. As disclosed herein, the approving screen view that is part of the film librarian interface is connected to the main server system through the network.

In this approving screen view 800, the information about the request for medical files and the related patient information is displayed. For example, the information comprises but is not limited to institution state 806, institution name 804, patient name 812, 814, 816, the patient identification number used by the source medical facility 808, the patient identification number used by the destination medical facility 810, the date of birth of the patient 818, the patient phone number 820, the medical files being requested (for example, by description, by accession number, by date and type), and at least a portion of the patient's social security number 822. The film librarian can also insert, input, and/or append information about the available or located medical records available for transfer 828. For example, the film librarian can input information such as accession number 830, date 832, description of the medical file 834, and modality the medical file exists 836, or the like. In certain embodiments, the system can automatically and/or semi-automatically populate, input, insert, and/or write information into the approving screen view for the film librarian to review and/or approve 838. The film librarian can also insert notes to be viewed by the medical profession at the destination medical facility.

After completing the approving form, the film librarian selects the approve button and the approval information is sent to the main server system. In certain instances, the main server system is configured to send instructions to the client server system at the source medical to send the specified medical files to the destination medical facility, and to send instructions to the client server at the destination medical facility to accept the medical files from the source medical facility. In other embodiments, the main server system is configured to present the available medical files to the film librarian at the destination medical center, wherein the film librarian at the destination medical center can select which medical files should be transferred from the source medical facility. After the medical files are selected on the film librarian interface at the destination medical facility, the selection information is sent from the film librarian interface to the main server system wherein the server system sends instructions to both the client server systems at the source and destination medical facilities as set forth above.

FIG. 9 depicts an example of one embodiment of a header portion 900 associated with a medical image or medical record file. In the header portion of a medical file, various fields can exist, for example, patient name 902, patient identification number 904, patient social security number, the medical facility that created the image or record 932, audit trail 938, medical history information, or the like. In the audit trail field, the client server system, in some embodiments, is configured to insert or add transaction information. In the medical history information field, the client server system, in some embodiments, is configured to insert or add medical history information.

With reference to FIG. 10, an example of the medical procedure mapping module 1002 is depicted in the main server system. The medical procedure mapping module 1002 can be used to map, translate, or rename the code and/or name of a medical procedure performed at a first medical facility 1004 into the procedure code and/or name used by a second medical facility 1006. As illustrated in FIG. 10, Medical Facility 1 1004 has performed scan of Patient 32412 1008, and the procedure name for the scan is CT Abd/Pelvis w/IV Contrast 1010, which means Patient 32412 had a CT scan of his abdomen and pelvis areas with IV contrast added. Patient 32412 has authorized Medical Facility 2 1006 to access his scan; however, Medical Facility 2 1006 has a different patient identification number 1012 for the patient, and uses a different name for the medical procedure that was performed, for example, Abd/Pelvis CT w/1014.

Accordingly, and still with reference to FIG. 10, the code and/or procedure name of the scan can be changed within the header portion of the patient file for purposes of ensuring that the file is compatible with the medical systems at Medical Facility 2 1006, enabling medical professionals at Medical Facility 2 1006 to determine the contents of the medical file, conforming the file name to the consistent naming standard of Medical Facility 2, ensuring the association of the proper billing codes and/or medical reimbursement codes to the medical file, or the like. The remapping or renaming protocol can be a one-to-one mapping or a many to one mapping, or one to many mapping. For example, a one-to-one mapping is where each code and/or name of a medical procedure is mapped to one specific code and/or name. In contrast, a many-to-one mapping is where several codes and/or names of medical procedures are mapped to one specific code and/or name.

In certain embodiments, the system is configured to map medical procedure codes and/or names at destination and/or source medical facilities to a standardized mapping table and/or a standardized intermediary code system. By using a standardized mapping table and/or a standardized intermediary code system the complexity of maintaining separate mappings for each institution can be reduced. The original procedure name and/or code may in certain embodiments be stored in a DICOM tag or private DICOM tag in the header and/or displayed as in a summary image saved, stored, embedded, or burned into the image set. In certain embodiments, the medical procedure mapping module automatically maps, translates, and/or renames the source procedure code and/or name to the code and/or name of the medical procedures used at the destination medical facility, possibly through the standardized intermediary code system described above, and stores the data in the PACS, RIS and/or HIS systems at the destination medical facility.

Regarding FIG. 10, in certain embodiments, the medical procedure mapping module 1002 is located at the medical facility in the client server system 1004. After receiving the medical file from Medical Facility 1 1004, the client server system at Medical Facility 3 1016 processes the header portion of the medical file using the medical procedure mapping module. The medical procedure mapping module identifies the “CT Abd/Pelvis W/IV Contrast” code 1010 and/or name of a medical procedure performed Medical Facility 1, and maps, translates, and/or renames it to the code and/or name of the corresponding medical procedure performed Medical Facility 3, which in this example is “Abd/Pelvis CT” 1014. In the foregoing example, a one-to-one mapping is used, wherein medical procedure codes and/or names at one medical facility map directly to medical procedure codes and/or names at another medical facility.

Referring to FIG. 10, alternatively, the medical procedure mapping module located at the source medical facility, in this example, Medical Facility 1 1004, can be configured to use the medical procedure mapping module to map, translate, and/or rename the medical procedures to the corresponding codes and/or names in a standardized mapping table and/or standardized intermediary code system stored at the main server system 1018. The standardized mapping table and/or standardized intermediary code system can be accessed in the main server 1018 in real-time or a copy of the standardized mapping table and/or standardized intermediary code system can be transferred, distributed, or pushed out periodically to the client server systems so that the information can be accessed locally and without accessing the main server 1018. The mapped, translated, and/or renamed the medical procedure having the standardized nomenclature can be transferred to the destination medical facility, for example, Medical Facility 2 or 3. The client server system at the destination medical facility medical, for example, Medical Facility 2 or 3, can use the procedure mapping module and the standardized mapping table to map, translate, and/or rename the medical procedure having the standardized nomenclature to the codes and/or names used by the destination medical facility. In the foregoing example, medical procedure codes and/or names at one medical facility are mapped first to a standardized mapping schema or table, and then the standardized mapping codes and/or names are mapped to the multiple medical procedure codes and/or names at other medical facilities

Referring to FIG. 10, the medical procedure mapping module can also be configured to allow a medical professional, with the appropriate authorization and/or system privileges, to manually review, analyze, approve, override, set, and/or identify the code and/or name of the medical procedure to be associated with the medical file. The setting chosen by the medical professional can be temporary (for example, a special code or name for the medical file) or can be stored for similar medical files received in the future. As such, the medical procedure mapping module can be configured to remember and/or save the setting manually performed or selected by the medical professional so that similar medical files received in the future will automatically be associated with the code and/or name of the medical procedure. Accordingly, the medical procedure mapping module can learn over time the proper codes and/or names to be associated with certain medical files, or build a mapping table over time. Alternatively, the medical procedure mapping module can be configured with a mapping table during the initial setup or during periodic updating of the client server system and/or the main server system.

In some embodiments, the acts, methods, and processes described herein are implemented within, or using, software modules (programs) that are executed by one or more general purpose computers. The software modules may be stored on or within any suitable computer-readable medium. It should be understood that the various steps may alternatively be implemented in-whole or in-part within specially designed hardware. The skilled artisan will recognize that not all calculations, analyses and/or optimization require the use of computers, though any of the above-described methods, calculations or analyses can be facilitated through the use of computers.

Marking Medical Files/Examinations “Signed”

With reference to FIG. 11, when importing medical files and/or examinations from a source medical facility to a destination medical facility, the transferred medical files and/or examinations are generally listed in a work list as a new medical file and/or examination for a medical professional to review, analyze, and process; however, such transferred medical files and/or examinations have generally been reviewed and analyzed by a medical professional at the source medical facility. To review and analyze a new medical file and/or examination, it is processed over several stages, for example, approved, unread, read, preliminary interpretation, and/or final interpretation/signed steps. To ensure that already reviewed and analyzed medical files and/or reports do not go through the foregoing processing stages, the client server system can be configured to use an Observation Result (ORU) message, and/or equivalent message, system communications, or the like, to properly mark the medical files and/or examinations as “signed” or electronically signed (process 1100).

Referring to FIG. 11, in the HL7 Standard, an ORU is usually in response to an order and provides clinical observations. In HL7 messaging, ORU messages provide structured patient-oriented clinical data between systems (for example, EKG results to a physician's office). ORU messages also can be used for linking orders and results to clinical trials (for example, new drugs or new devices). Clinical observations can include without limitation: clinical laboratory results, imaging studies (for example, text), EKG pulmonary function studies, and/or interpretations, and/or the like.

Regarding FIG. 11, in certain embodiments, the client server system can be configured to use an ORU message, and/or equivalent message, system communication, or the like, to set a flag or status flag in a PACS, RIS, HIS, and/or other system, or to trigger a PACS, RIS, HIS, and/or other system to mark selected medical files and/or examinations as “signed” (block 1126). For example, after a client server system at a destination medical facility receives medical files and/or examinations from a source medical facility, the client server system can be configured to store the medical files and/or examinations into the medical facility's PACS, HIS, RIS, and/or image server systems using a direct HL7 and/or DICOM connection at block 1122. In certain embodiments, the client server system is configured to use an ORU, and/or equivalent message, system communication, or the like, to set a flag or status flag in the RIS, HIS, and/or PACS, or to trigger the RIS, HIS, and/or PACS at block 1126 to mark the recently stored medical files and/or examinations as “signed” or approved, reviewed, and/or analyzed so that the medical files, and/or examinations do not appear to a medical professional as unread and/or a new study. Marking the medical files and/or examinations as “signed” generally prevents the medical professional from reviewing already reviewed medical files and/or examinations, and allows the medical professional to use the medical files and/or examinations for historical review or comparison purposes.

Report Forwarding

In certain embodiments, the source medical facility is an emergency room, hospital, clinic, doctor's office, or the like, and the destination medical facility is a third party that provides outsourced radiology film interpretation/analysis and/or other medical services. For example, such third parties include without limitation NightHawk Radiology Services®, Virtual Radiologic, Quality Nighthawk, US Radiology On-Call, or the like. These third parties are generally employed by the source medical facility to read, analyze, and/or interpret the medical files and/or examinations generated at the source medical facility, and to transfer back such analysis, consultation, reports, images, or the like to the source medical facility for the medical professionals to review, analyze, and relay to the patient.

In this example, the medical files and/or examinations may need to be transferred or forwarded from the source medical facility to the destination medical facility wherein the transferred medical files and/or examinations are marked new, unread, unanalyzed, and/or unsigned at the destination medical facility. The client server system, in certain embodiments, is configured to automatically forward medical files and/or examinations to a destination medical facility based on a criterion, for example, a specific time period (low staffing period), periodic basis, in real time, or other basis. The criterion can also include but is not limited to being based on a specific time period (for example off-hours), based on staffing available (for example, scheduled staffing or real time assessment of staffing and/or current work load) at the medical facility, based on a specific examination type or specialty required, or any other criteria. Alternatively, the client server system can be configured to forward a file copy of or an electronic copy of all or substantially all images, medical files, and/or examinations received on a specific TCP/IP port to a destination medical facility. The medical files and/or examinations are marked new, unread, unanalyzed, and/or unsigned so that the third party medical professionals will be notified to review, analyze, and interpret the transferred medical files and/or examinations.

Generally, when transferring medical files and/or examinations, the destination medical facility may automatically import and/or display the medical files and/or examinations in a work list or the like, and mark the medical files and/or examinations as new, unread, unanalyzed, and/or unsigned. In certain embodiments, the client server system at a destination medical facility is configured to store the medical files and/or examinations into the medical facility's PACS, HIS, RIS, and/or image server systems using a direct DICOM and/or HL7 and/or other connections. The client server system can also be configured to use an ORU, and/or equivalent message, system communication, or the like, to set a flag or status flag in the PACS, RIS, HIS and/or other systems, or to trigger the PACS, RIS, HIS, and/or other system to mark the recently stored medical files and/or examinations as “unsigned” or unapproved, not reviewed, and/or unanalyzed so that a medical professional will be notified to review, analyze, and/or interpret the recently transferred and/or stored medical files, and/or examinations.

After reviewing, analyzing, interpreting, and/or signing the medical files and/or examinations, the client server can be configured to transfer the signed medical files, medical reports and/or examinations back to the source medical facility and/or other medical facilities. In transferring the signed medical reports and/or examinations back, the client server system at the source medical facility and/or at other medical facilities can be configured to use an ORU message, and/or equivalent message, system communication, or the like, to set a flag or status flag in a PACS and/or RIS, or to trigger a PACS and/or RIS to mark the medical files and/or examinations as “signed” if so desired.

Enterprise Master Patient Index

Enterprise Master Patient Index or Enterprise-wide Master Patient Index (EMPI), are Master Patient Indexes (MPI) or Patient Master Indexes (PMI), which link several smaller organization level MPIs together. In medical systems, a MPI is an index referencing all or substantially all patients known to an area, enterprise or organization. In certain embodiments, the client server systems and/or the main server systems are configured to connect and communicate with EMPI, MPI, and/or PMI systems to locate, search, retrieve, and store medical files, examinations, and/or other data.

Medical File Back-Up Module

In certain embodiments, medical facilities may require that medical files and other data be stored and/or backed-up at an off-site facility and/or at a third party service provider. Such requirements may be due to government regulations, disaster preparedness planning, cost/maintenance policies, and/or other medical facility policies. In certain embodiments, the client server system is configured to automatically forward medical files and/or examinations to a medical facility, third party service provider, off-site facility or the like that acts as a backup storage facility.

File and/or Message Conversion Module

In certain embodiments, the medical facilities may require that medical files and/or other data files that are transferred into and/or out of the medical facility be converted into a different file format and/or type so that the medical files, medical system messages, and/or other data files are compatible with and/or may be read by the systems and/or computer systems at the medical facility. In certain embodiments, the file and/or message conversion module can be configured to convert medical files, medical system messages, and/or other data files into other types of data file formats. In certain embodiments, the medical files and/or other data files may be converted by the client server system at the source and/or destination medical facility. For example, the medical files and/or other data files may be converted from a Microsoft® Word file to a WordPerfect® file, and/or the like. Other example file conversions include without limitation DICOM using JPEG2000 to DICOM using JPEG, DICOM to JPEG, Microsoft® Word to ASCII text, and the like. In certain embodiments, the file and/or message conversion module can be configured to convert, transform, and/or reformat system messages, for example, HL7 messages, into other message formats and/or types to be compatible with other hospital systems, for example, RIS, HIS, PACS, and/or other formats. This converting, transformation and/or reformatting process can be specific down to the individual character.

In certain embodiments, the file and/or message conversion module can be configured to determine the file format type by reviewing the extension name of the file and/or analyzing the contents of the files. The file and/or message conversion module can be configured to convert multiple medical files and/or other data files as an entire set.

Image File Processing

In certain embodiments, it can be advantageous for a medical file, medical image, medical system message, and/or a record file to be processed by a processing system. For example, during the transfer of a medical image from a first medical facility to a second medical facility, it can be advantageous in certain situations for the medical image to be processed by a third-party image processing system. In some cases, a medical facility may have a contract or other agreement with a third-party image processing facility (alternatively, no contract or agreement exists and services from the third-party imaging processing facility are provided on an ad-hoc basis or as an on-demand processing service) to receive medical images and/or medical files in order to process the files in a certain manner before the medical image and/or medical file is sent off to the destination medical facility. Examples of processing by a third-party entity can include without limitation image processing, image enhancement via techniques such as iterative reconstruction or techniques not yet developed, data processing, data format processing, transcription processing, data normalization processing, data mining processing, authentication processing, data analysis processing, data storage processing, and any other processing.

Third-party processing of medical images and/or medical files can be especially advantageous when a medical facility does not have the computing resources to perform processing of medical files and/or medical images or if it does not make sense for smaller medical facilities to have individual computing resources versus sharing such resources with other facilities. For example, image processing of medical image files can require a tremendous amount of computing power and/or expensive software algorithms and/or access to inexpensive electricity. Accordingly, it can be more efficient and less expensive for medical facilities to engage third-party entities to perform image processing when the third-party entity has access to large computing resources, sophisticated image processing algorithms, and/or access to inexpensive electricity.

However, there can exist a potential security risk associated with third-party processing. Therefore, there is a need for systems and methods for anonymizing the medical files of a patient before transferring such data to a third-party entity for processing, and then associating the processed medical file with the correct patient identification number. FIGS. 13 15 illustrate methods and systems for transferring medical files to an image and/or file processing system, and anonymizing medical files before the data is sent over to a third-party processing entity.

FIG. 13 is a block diagram illustrating a high-level overview of one embodiment of a medical image and record files transfer system that is similar to the embodiment illustrated in FIG. 1. In the embodiment depicted in FIG. 13, an image and/or file processing system 1302 is connected through the network 210 through a network connection 112. The network connection 210 allows the image and/or file processing system 1302 to communicate with the main server system 110, the kiosk system 108, the first medical facility 102, and the second medical facility 103.

As illustrated in FIG. 13, the image and/or file processing system 1302 can comprise a firewall system 1304 to prevent unauthorized access to the image and/or file processing system 1302 through the network connection 112. The image and/or processing system 1302 can comprise a client server system 1308. The client server system 1308 can be configured to communicate with the main server system 110, the first medical facility 102, and the second medical facility 103. In an embodiment the client server system 1308 can be configured to receive instructions from the main server system 110. For example, the client server system 1308 can be instructed by the main server system 110 to receive medical images and/or medical files from the first medical facility 102.

In an embodiment, the client server system 1308 can also receive instructions from the main server system 110 to process the medical files and/or medical images received from the first medical facility 102 using the image processing system 1306, the file processing system 1310, or any other processing systems 1312. The client server system 1308 can also receive instructions from the main server system 110 to transfer the processed medical file and/or medical image to the second medical facility 103 through the network 210.

In this example, the second medical facility 103 may have requested that a medical file and/or a medical image be transferred from the first medical facility 102 to the second medical facility 103. The second medical facility 103 and/or the first medical facility 102 may have an agreement or other contract with a third-party processing entity that comprises the image and/or file processing system 1302. Pursuant to the agreement and/or contract, all or some (based on optional criteria) of the medical file is received by the second medical facility 103 are to be first processed by the image and/or file processing system 1302 before the medical file and/or medical image is sent to the second medical facility 103. The optional criteria for determining whether a medical file is sent to an image and/of file processing system can include without limitation time of day, available staffing, price of processing, reimbursement amount, size of file, medical emergency type, doctor instructions, turn-around time requirements, bandwidth availability, available computing resources, number of patient cases, image/file type, image/file clarity, number of files in a queue, or any other factor. The optional criteria can also include the physician preference (for example, either the interpreting physician, the referring physician, or some other physician); the medical facility (for example, the source medical facility-destination medical facility preference combination associated with the transfer, the source medical facility or the destination medical facility involved); the protocol and/or type of examination; the procedure code and/or type; the procedure description; the amount of statistical noise within the image(s) or medical file noise, abnormalities, characteristics, and/or type; the machine or scanner type and/or age and/or characteristic that produced the image or medical file; the history and/or diagnosis of the patient that can be included in the medical file; and the flagging or tagging or requesting of the image file or medical file be further processed by the image and/or file processing system 1302.

The instructions for sending the medical image and/or medical file to the image and/or file processing system 1302 before sending the medical file and/or medical image to the second medical facility 103 can be sent by the main server system 110 when the main server system 110 instructs the first medical facility 102 to send specific medical files and/or medical images to the second medical facility 103. Alternatively, the instructions for sending the medical files and/or the medical images to the image and/or file processing system 1302 can be sent by the second medical facility 103 when the first medical facility 102 makes a direct connection with the second medical facility 103. In other embodiments, the first medical facility 103 can be configured to send the medical image(s) and/or file(s) to the image and/or file processing system 1302 first without any specific instructions from the main server system 110 or the second medical facility 103. For example, the first medical facility 103 can send the medical image(s) and/or file(s) to the image and/or file processing system 1302 due to internal protocol and/or standing instructions from the main server system 110 and/or second medical facility 103.

In the first option, the main server system 110 can be configured to store the transfer preferences of the second medical facility 103. For example, the second medical facility 103 can have the transfer preference of transferring all medical files and/or medical images first to the image and/or file processing system 1302 for processing before the medical file and/or medical images are sent to the second medical facility 103. Accordingly whenever the main server system 110 receives from the second medical facility 103 a request for medical files and/or medical images, the main server system can access the transfer preferences for the second medical facility 103. In identifying the transfer preferences of the second medical facility 103, the main server system 110 can be configured to send instructions to the client server system 124 at the first medical facility 103 to transfer certain medical files and/or medical images to the image and/or file processing system 1302.

In an embodiment, the main server system 110 can be configured to send instructions to the client server system 1308 at the image and/or file processing system 1302 to receive medical files and/or medical images from the client server system 124 that is a part of or connected to the first medical facility 102. In the instructions to the image and/or file processing system 1302, the main server system can be configured to instruct that the received medical files and/or medical images be processed according to the processing preferences designated by the second medical facility 103. For example, the processing preference can include without limitation processing all medical images using the image processing system 1306 using a specific image processing algorithm.

In other embodiments, the instructions from the main server system 110 can be based on a criteria established by the second medical facility 103. For example, the main server system 110 can be configured to instruct the client server system 1308 at the image and/or file processing system 1302 to process medical files using a first image processing algorithm during a certain time period or to use a second image processing algorithm during a second time period. The main server system 110 can also be configured to instruct the client server system 1308 at the image and/or file processing system 1302 to send the image file and/or medical file after it has been processed to the client server system 124 that is part of or connected to the second medical facility 103 through network 210.

Alternatively, transfer preferences can be sent to the first medical facility 102 from the second medical facility 103 as opposed to being sent by the main server system 110. For example, when the second medical facility makes a request for medical files and/or medical images from the first medical facility 102, the client server system 124 that is part of or connected to the second medical facility 103 can be configured to contact the main server system 110 to submit the request for the medical files and/or medical images. The main server system 110 can be configured to contact the client server system 124 that is part of or connected to the first medical facility 102 to instruct the client server system 124 to establish a network connection with the client server system 124 that is a part of or connected to the second medical facility 103 in order to transfer the requested medical files and/or images from the first medical facility 102 to the second medical facility 103.

The client server system 124 that is part of or connected to the first medical facility 102 can be configured to establish a network connection with the client server system 124 that is part of or connected to the second medical facility 103. Using the network connection, the second medical facility 103 can be configured to instruct the client server system 124 that is part of or connected to the first medical facility 102 to send the requested medical files and/or images to the client server system 1308 that is part of or connected to the image and/or file processing system 1302. The client server system 124 that is part of or connected to the second medical facility 103 can also be configured to send to the client server system 124 that is part of or connected to the first medical facility 102 the processing preference instructions.

After receiving the processing preference instructions of the second medical facility 103, the client server system 124 that is part of or connected to the first medical facility 102 can be configured to establish a network connection with the client server system 1308 that is part of the image and/or file processing system 1302 in order to transfer the requested medical files and/or the medical image files to the client server system 1308. The client server system 124 that is a part of or connected to the first medical facility 102 can also be configured to transfer the processing preferences of the second medical facility 103 to the client server system 1308 that is part of the image and/or file processing system 1302. In an alternative embodiment, the client server system 124 that is part of or connected to the second medical facility 103 can be configured to send directly to the client server system 1308 that is part of the image and/or file processing system 1302 the processing preferences of the second medical facility 103.

FIG. 14 is a process flow diagram of an embodiment for requesting and transferring medical files and/or medical images wherein the medical file and/or medical image is transferred to an image/file processing system before it is transferred to the destination medical facility. The process can begin at block 1402 when a patient visits a medical professional at a destination medical facility. At block 1404 the medical professional conducts a search for prior medical files and/or examinations and/or images. At block 1406, the client server system at the destination medical facility submits a request to the main server system 110 to transfer particular medical files/images from a source medical facility to the destination medical facility. At block 1408, the main server system submits a request to the client server system at the source medical facility.

At block 1410, the client server system can be configured to display the request received from the main server system and the available medical files and/or medical image files to a film librarian to review and approve. In displaying the available medical files and/or medical image files, the client server system at the source medical facility can be configured to access the image server/RIS/HIS systems 1412. Optionally at block 1411, the client server system at the source medical facility can be configured to determine based on criteria whether the medical file should be transferred to an image/file processing system for processing. The determination can also be performed by the source medical facility and/or the main server system. The criteria can include those disclosed above. At block 1414, approval from the film librarian is received by the main server system. The main server system can be configured to send network connection keys to the destination medical facility and the source medical facility, and the image/file processing system. The main server system can also be configured to instruct the source medical facility to establish a network connection with the image/file processing system to send the requested medical files and/or medical images to the image/file processing system.

At block 1416, the client server system at the processing system establishes a network connection with the source medical facility. At block 1418, the image/file processing system receives medical files and/or images from the source medical facility and performs image and/or file processing before transmitting the files to the destination medical facility. At block 1420, the client server system at the destination medical facility establishes a network connection with the image/file processing system. At block 1422, the client server system at the image/file processing system locates and transfers the processed medical files and/or medical images to the destination medical facility. At block 1424, the main server system can be configured to optionally record the transaction in a transaction history database 1426. At block 1428, the client server system at the destination medical facility can be configured to receive and store the processed medical files and/or medical images in a PACS database, image server database, RIS database, HIS database, or any other databases 1432. At block 1430, the client server system at the destination medical facility can be figured optionally and an ORU message to a PACS/RIS system to mark the medical files, examinations, and/or medical images as “signed”.

FIG. 15 is a flow chart illustrating an embodiment for optionally anonymizing the medical files and/or medical images sent to a third-party processing entity and/or destination medical facility. As discussed above, it can be advantageous to anonymize the medical files and/or medical images sent to a third-party processing entity and/or destination medical facility in order to protect the confidential information of patients and/or users. The process can begin at block 1502 wherein a client server system at a source medical facility receives a network key and/or instructions from the main server system 110 to send medical files and/or medical images to an image/file processing system 1302 and/or destination medical facility. Alternatively, the instructions to send the medical files and/or medical images to the image/file processing system and/or destination medical facility can be sent from the client server system at the destination medical facility. The instructions from the main server and/or the destination medical facility can also include instructions to anonymize the medical files and/or medical images that are to be sent to the third-party processing entity and/or destination medical facility. In other embodiments, the source medical facility can be configured to send the medical file(s) and/or image(s) to the image/file processing system 1302 without any specific instructions. For example, the source medical facility can send the medical file(s) and/or image(s) to the image/file processing system 1302 due to internal protocol and/or standing instructions from the main server system 110 and/or destination medical facility. In certain embodiments, the source medical facility can be configured to anonymize the medical file(s) and/or image(s) that are to be sent to the third-party processing entity and/or destination medical facility. There can be at least three processes or methods for anonymizing medical files and/or medical images to protect the patient identification information.

One method can begin at block 1504 wherein the client server system that is part of or connected to the source medical facility can be configured to determine if the medical file is an image file. If the medical file is determined to be an image file, the client server system at block 1506 can be configured to locate identification information in the image. At block 1510, the client server system can be configured to remove and/or obscure identification information that is located in the image. At block 1508, the client server system can be configured to locate identification information in the header portion of the image file. If identification information is located in the header portion of the image file, the client server system can be configured to remove and/or obscure the identification information in the header at block 1512. At block 1514, the client server system can be configured to associate the medical file and/or the medical images with a processing identification. At block 1516, the client server system can be configured to send the anonymized medical files and/or the medical images to the image/file processing system and/or destination medical facility. At block 1518, the client server system can be configured to send the processing identification along with the true patient identification to the destination medical facility.

In a second method for anonymizing medical files, the client server system that is a part of or connected to the source medical facility can be configured to locate the identification information in the medical file and/or in the header of the medical file at block 1520. If the patient identification information is located in the medical file, the client server system at block 1522 can be configured to remove and/or obscure the identification information in the medical files. At block 1514, the client server system can be configured to associate the medical files with a processing identification. At block 1516, the client server system can be configured to send the anonymized medical files to the image/file processing system and/or destination medical facility. At block 1518, the client server system can be configured to send the processing identification to the destination medical facility along with the true patient identification associated with the medical files.

In a third possible process and/or method for anonymizing medical files, the client server system associated with the source medical facility at block 1524 can be configured to divide the to-be-transferred medical files into multiple parts. At block 1526, the client server system can be configured to associate each part with a sequence identification number for later reconstruction. At block 1528, the client server system can be configured to send the multiple parts of the medical files to an image/file processing system, a plurality of image/file processing systems, and/or a destination medical facility. At block 1530, the client server system can be configured to send the sequence identification numbers to the destination medical facility in order to reconstruct the medical files that were divided into multiple parts. One of ordinary skill in the art will appreciate that one or more aspects of the three processes for anonymizing medical files can be combined with any of the foregoing three processes for anonymizing medical files and/or images.

Medical File Transfer Authorization System

In certain embodiments it can be advantageous to allow a patient or a user to use a mobile device or other computing system to control and/or authorize the transfer of medical files and/or medical images between medical facilities. For example, it can be convenient and advantageous for a patient to use his mobile device to review medical file transfer requests between two medical facilities. The user could also use the mobile device to authorize the transfer of medical files between two medical facilities. In certain embodiments, it can also be advantageous to allow patients and/or other users to aggregate the medical identification numbers associated with a particular patient at various medical facilities. For example, a patient that visits multiple medical facilities can be associated with multiple patient identification numbers, one for each medical facility. It can be advantageous for the patient to aggregate all of the patient identification numbers on a single mobile device or other computing system. By aggregating the patient identification numbers, the patient can control and/or authorize the transfer of patient identification numbers and/or medical files and/or medical images to various medical facilities. FIGS. 16-20 illustrate various systems and methods for authorizing the transfer of medical files and medical images from a mobile device or other computing system of a patient or user, and methods and systems for aggregating patient identification numbers.

FIG. 16 is a block diagram of an embodiment of a medical image and medical file transfer system wherein the authorization of the transfer is controlled by a mobile device or computing system 1602 of the patient or user. In an embodiment, the mobile device or computing system 1602 can be configured to connect to the main server system 110 via network 210. Through the network connection 210, the mobile device or computing system 1602 can be configured to send authorization instructions to the main server in order to transfer medical files and/or medical images between the first medical facility 102 and the second medical facility 103. In an embodiment, the mobile device or computing system 1602 can comprise a server system 1608. The server system 1608 can be configured to connect to the main server system 110 via network 210. The server system 1608 can also be connected to ID aggregation module 1606, authorization module 1610 and other processing modules 1612.

FIG. 17 depicts an example of an embodiment of sequential display screen views of a patient/user identification aggregation system. As illustrated in screen view 1702, the patient ID aggregation system can be configured to display to the patient or user a listing of medical facilities visited by a particular patient. For example, here patient A has visited facility 1 and has been assigned a patient identification number 123. Additionally, patient A has visited medical facility 2 and has been assigned patient identification number 456 at medical facility 2. Further, patient A has visited medical facility 3 which has assigned patient A a patient ID number of 789. The screen view 1704 illustrates how the patient or user can use the patient ID aggregation system to show available medical files and/or medical images available at each of the medical facilities that the patient has visited. For example, patient A has available medical file x and medical file y at the medical facility 1.

Screen view 1706 illustrates how a patient or user can select a particular medical file that is available at a particular medical facility for transfer to a different medical facility. For example, patient A can select medical file x which is stored at medical facility 1, and can authorize the transfer of medical file x to a different medical facility. Screen view 1708 illustrates how a patient or user can use the patient ID aggregation system to select a different medical facility for transferring a medical file from a source medical facility. For example, patient A can use the patient ID aggregation system to select medical facility 2 for transferring medical file x from medical facility 1. Screen view 1710 illustrates how a patient or user may use the patient ID aggregation system to authorize the transfer of a medical file and/or medical image from one medical facility to another. For example, patient A in selecting medical facility 2 can authorize the transfer of medical file x from medical facility 1 to medical facility 2. In an embodiment, the patient ID aggregation system can be configured to run on a mobile device or a computing system accessible by the patient or user.

The mobile device and/or the computing system can be configured to connect to the main server system through a network. When a patient or user authorizes the transfer of a medical file or medical image from one medical facility to another, the patient ID aggregation system can be configured to send an authorization notice or signal or message to the main server system. When the main server system receives the authorization from the patient ID aggregation system, the main server system can be configured to contact and/or instruct the source medical facility to transfer the particular medical file and/or medical image to the destination medical facility. In an embodiment, the main server system can be configured to contact and/or instruct the destination medical facility to receive the selected medical file and/or medical image from the source destination medical facility. In contacting the source medical facility and the destination medical facility, the main server system can be configured to send network security keys to both the source medical facility and the destination medical facility in order for a secure network connection to be established between the two medical facilities.

FIG. 18 depicts an example of an embodiment of a process flow diagram illustrating an example of authorizing the transfer of a medical file and/or medical image from a patient or user using the patient ID aggregation system. The process flow can start at block 1802 wherein patient A uses the patient ID aggregation system 1804 to select medical file x that is stored at medical facility 1 for transfer to medical facility 2. In selecting the medical file x for transfer, the patient ID aggregation system 1804 can be configured to send to the main server 1806 authorization to transfer the medical file x from medical facility 1 space 1808 medical facility space 1810. In an embodiment, the main server system 1806 can be configured to instruct medical facility 1 to transfer the medical file x associated with patient ID 123 to medical facility 2. In an embodiment, the main server system 1806 can instruct the medical facility 2 to receive from medical facility 1 medical file x and associate the medical file x with patient ID number 456. After both medical facilities receive instructions from the main server system 1806, the medical facility 1 space 1808 can be configured to establish a network connection with medical facility 2 in order to transfer medical file x from medical facility 1 to medical facility 2.

FIG. 19 depicts examples of various modalities for patients and/or users to control patient identification numbers. In an embodiment, there are at least three different modalities for controlling access to patient identification numbers. In a first embodiment represented by flow diagram 1902, patient identification numbers are only known by the patient or the user. Specifically, patient identification numbers are aggregated by the patient ID aggregation system in a unidirectional flow. In an embodiment where patient identification numbers are aggregated in a unidirectional flow, the patient ID aggregation system only receives patient identification numbers from the various medical facilities. In other words, patient identification numbers are not sent out to medical facilities from the patient ID aggregation system. For example, medical facility 1 associates patient A with patient ID number 123. In this embodiment, medical facility 1 transfers or sends patient A's identification number 123 to the patient ID aggregation system for storage. Similarly, patient A is associated with patient identification number 456 at medical facility 2 which can be configured to send the patient identification number 456 to the patient ID aggregation system for storage. Additionally, patient A is associated with patient ID number 789 at medical facility 3, which can be configured to send the patient ID number 789 to the patient ID aggregation system for storage.

In a second modality for aggregating patient identification numbers, the patient identification numbers are known by all entities. In this embodiment, as illustrated in flow diagram 1904, patient identification numbers are aggregated and broadcasted by the patient ID aggregation system in a bi-directional flow. Accordingly, the patient ID aggregation system not only receives patient IDs from medical facilities, but the patient ID aggregation system also sends to medical facilities all of the patient identification numbers associated with a particular patient. For example, patient A is associated with a patient identification number 123 at medical facility 1. Medical facility 1 can be configured to send to the patient ID aggregation system patient A's patient identification number 123, and the patient ID aggregation system can be configured to send to the medical facility 1 all of the other patient identification numbers associated with patient A at other medical facilities. A similar bi-directional flow of patient identification numbers occurs at medical facility 2 and medical facility 3.

In a third modality for aggregating patient identification numbers, the patient identification numbers are only known by the patient controlling the patient ID aggregation system and the main server system. In this embodiment, as illustrated by block diagram 1906, patient identification numbers are aggregated by the patient ID aggregation system and/or by the main server system in a unidirectional flow. For example, the patient ID aggregation system can be configured to receive patient identification numbers for patient A from various medical facilities in a unidirectional flow. In an embodiment, the aggregated patient identification numbers can be sent or transferred from the patient ID aggregation system to the main server system. Alternatively, the main server system can be configured to receive the various patient identification numbers associated with patient A from the various medical facilities.

Medical File Transfer Authorization Key

It is envisioned that certain patients and/or users will want to request transfer of one or more medical files and/or records using a mobile device and/or other user access point system of the patient or user. However, there are inherent security issues related to allowing patients to request transfer of medical files from their mobile devices. For example, if a patient loses or misplaces his or her mobile device, a third party may be able to obtain and/or transfer the patient's personal medical files and/or records without the patient's knowledge. Accordingly, there exists a need for a system and or method of authenticating transfer requests of medical files that originate from a mobile device. As such, it can be advantageous to authenticate a transfer request originating from a mobile device and/or other user access point system. In certain embodiments, such authentication method comprises use of one or more authentication keys.

FIG. 20 is a process flow diagram of an embodiment for requesting and transferring medical files and/or medical images wherein the transfer request is authenticated using an authentication key. The process can begin at block 2002 when a patient visits any medical facility. At block 2004, the medical facility checks and/or verifies the identity of the patient. The medical facility can be a source medical facility where one or more medical files to be transferred are initially located, a destination medical facility where the one or more medical files are to be transferred to, or any other medical facility that comprises a client server system. In some embodiments, the medical facility verifies the identity of the patient by checking one or more identification documents of the patient, for example the patient's driver's license, passport, state resident identification card, social security card, or the like.

In some embodiments, if the identity of the patient is verified, a computing system and/or client server system of the medical facility generates an authentication key at block 2006. The authentication key can be, for example, a linear barcode, a two-dimensional matrix barcode, three-dimensional barcode, QR code, or any other code or item that can be inputted into a computing system and/or user access point system. In certain embodiments, the medical facility generates the authentication key according to an authentication key generating algorithm. The authentication key generating algorithm can be pre-determined by the main server system. In certain embodiments, the authentication key generating algorithm is based at least on the location of the medical facility and/or time when the authentication key was generated. In certain embodiments, the authentication key that is generated by the computing system and/or client server system of the medical facility is transmitted to the main server system for verification.

In other embodiments, after verifying the identity of the patient, a computing system and/or client server system of the medical facility generates and sends an electronic communication to the main server system confirming the identity of the patient. After receiving the confirmation, in certain embodiments, the main server system generates and sends an authentication key to the medical facility. In some embodiments, the generated and/or verified authentication key is given to or provided to the patient by the medical facility at block 2010.

At block 2012, a patient and/or user can request transfer of one or more medical files from a source facility to a destination facility using a user access point system. In some embodiments, the user access point system can request that the patient and/or user input an authentication key and/or select an authentication key that is already inputted. At block 2014, a patient and/or user can input and/or select the authentication key into the user access point system. For example, in certain embodiments, the patient and/or user can scan the authentication key into a mobile device using the mobile device's camera, wherein the mobile device is configured to interpret the authentication key, which can be a barcode, thereby avoiding the need for the patient to input the code through an input device, such as a keyboard or touch screen. Alternatively, the patient and/or user can input the authentication key through an input device, such as a keyboard or touch screen, or a wireless signal received from the client-server system, or a SMS/text message, email, or the like. In some embodiments, the user access point system can send the inputted authentication key to the main server system at block 2014.

The main server system can verify the authentication key received from the user access point system at block 2016. In some embodiments, the main server system can compare the authentication key received from the user access point system to an authentication key related to the patient and/or user which is already stored in the main server system. For example, in certain embodiments, the main server system can compare the authentication key it received from the user access point system at block 2016 to the authentication key it received from the medical facility at block 2008. In other embodiments, the main server system can compare the authentication key it received from the user access point system at block 2016 to an authentication key that the main server previously generated for the patient and/or user.

In some embodiments, a single authentication key is tied to a single specific medical file and/or record. For example, in certain embodiments, inputting and/or selecting a particular authentication key will only authorize a transfer request for the particular medical file and/or record connected to that authentication key. In other words, that particular authentication key will not authorize transfer requests of any other medical file and/or record.

In other embodiments, a single authentication key can be tied to more than one medical file and/or record. For example, in certain embodiments, a single authentication key can be tied to all medical files and/or records of a patient at a specific medical facility and/or hospital. In some embodiments, inputting and/or selecting that single authentication key will authorize transfer requests for any medical files and/or records at that particular medical facility. However, in certain embodiments, the particular authentication key will not authorize transfer requests of any medical files and/or records at any other medical facility.

In certain embodiments, a single authentication key is tied to all medical records and/or files that are known of a patient and/or user. For example, in some embodiments, inputting and/or selecting a single authentication key can authorize transfer requests of any medical file and/or record that is known of the patient and/or user. In certain embodiments, a patient and/or user may only need to obtain a single authentication key from a single medical facility in order to authorize transfer requests of any medical file and/or record at a later point in time.

In some embodiments, the system is configured such that a user and/or patient can input one or more authentication keys into the user access point system and/or mobile device which can store the inputted one or more authentication keys. In certain embodiments, the user access point system is configured to receive and aggregate the one or more authentication keys. Once the one or more authentication keys are stored in the user access point system, the user and/or patient can, at a later point in time, select the previously scanned in or otherwise inputted authentication key for authorizing a later transfer request of a medical file and/or record. For example, if a user and/or patient inputs an authentication X into a user access point system at a first point in time, wherein the authentication key X is configured to authorize the transfer of medical file A, then at a later point in time the user can select authentication key X that is stored in the user access point system in order to authorize transfer of medical file A between different medical facilities.

In certain embodiments, the user access point system is not configured to store and/or aggregate one or more authentication keys. Rather, the system is configured such that a user and/or patient has to scan in or otherwise input an appropriate authentication key after every instance of requesting transfer of one or more medical files. Although such embodiments may be more cumbersome for the patient and/or user and a user may also lose the one or more authentication keys, such embodiments can be safer in that the one or more authentication keys are never actually stored in the user access point system. Therefore, even if a user and/or patient loses or misplaces a user access point system, a third party cannot use the user access point system to request transfer of one or more medical files.

In certain embodiments, the user access point system displays or otherwise asks the patient and/or user one or more pre-selected questions as an additional measure to verify the identity of the patient and/or user and to authenticate the transfer request. For example, at block 2018, the user access point system can display one or more questions pertaining to personal information of the patient and/or user. In some embodiments, the patient and/or user previously selected and/or answered the questions, which are now stored in the main server system and/or user access point system. In some embodiments, the patient and/or user inputs answers to the displayed questions, and the answers are sent from the user access point system to the main server for verification by comparing the answers to those that are pre-stored in the main server system. In other embodiments, the user access point system compares the inputted answers to those stored in the user access point system and sends a verification message to the main server system if there is a sufficient match.

At block 2022, the main server system can initiate transfer of the one or more medical files from the source facility to the destination facility. For example, in some embodiments, the main server system can generate and send an electronic communication to the source facility to send the requested one or more medical files to the destination facility. In certain embodiments, the main server system can generate and send an electronic communication to the destination facility to receive the requested one or more medical files from the source facility. In some embodiments, the source facility can send the requested one or more medical files based on the instructions from the main server system at block 2024. Similarly, the destination facility can receive the requested one or more medical files based on the instructions from the main server system at block 2026.

In some embodiments, upon receiving instructions from the main server to transfer the requested one or more medical files, a computing system of the source facility displays the transfer request to a film librarian of the source facility. In certain embodiments, the film librarian can review the request, match the patient identifier with the patient's name, locate any file(s) that satisfy the criteria, review the located file(s) for verification, locate a release form(s), approve or deny the request based one or more of the above, and/or send the approval or denial to the main server system. In some embodiments, the film librarian can perform additional functions or a subset of the functions above. In other embodiments, once the source facility verifies the patient's identity in-person and/or gives an authentication key to the patient, any subsequent transfer requests from that patient that utilizes the authentication key for medical file(s) located at the same source facility are processed automatically without a film librarian's input.

Patient Identifier Masking System

It is envisioned that certain patients will want to hide their patient identification numbers from various medical facilities because certain patients may have concerns about privacy issues and/or misuse of the patient's patient identification number, related medical files, or the like. For example, if a person at hospital A knows a patient's confidential patient identification number at hospital B, that person may be able to use the patient's patient identification number for nefarious purposes.

To guard against such scenarios, it can be advantageous to mask a patient identifier used by one medical facility so that the patient identifier is not apparent to another medical facility. For example, when a medical file(s) is transferred from a source facility to a destination facility, it can be advantageous for safety reasons if the destination facility does not have direct access to the patient identifier used by the source facility. It can also be advantageous if the source facility does not have direct access to the patient identifier used by the destination facility. Accordingly, in some embodiments, the patient identifier used by the source facility and/or the destination facility is masked or covered such that the patient identifier of one facility is not clearly disclosed to another facility. In some embodiments, a patient identifier used by a source facility and/or destination facility is masked using a unique user identifier that is assigned and/or used by a main server system to identify the patient.

FIG. 21 is a process flow diagram of an embodiment for masking a patient identifier used by a source facility and/or destination facility. The process can begin at block 2102 when a patient and/or user requests transfer of one or more medical files from a source facility to a destination facility. In some embodiments, the request can be received by a user access point system.

In certain embodiments, a user access point system generates and sends a transfer request to a main server system based on the patient and/or user's request. The transfer request sent by the user access point system to the main server system can comprise a first patient identifier used by a source medical facility, where the one or more medical files requested for transfer are located, to identify the patient. The transfer request sent by the user access point system to the main server system can also comprise a second patient identifier used by a destination medical facility, where the one or more medical files are requested to be transferred, to identify the patient.

In some embodiments, the main server locates, identifies, and/or generates a unique user identifier based on the received transfer request at block 2106. In certain embodiments, the unique user identifier is different from the first and/or second patient identifiers used by the source and destination facilities to identify the patient. The unique user identifier can be preselected for the particular patient and/or user by the main server system and/or one or more client server systems. In some embodiments, the main server comprises a database of the first and second patient identifiers for future reconciliation. In other embodiments, the main server comprises a database of all known patient identifiers related to a patient for future reconciliation.

Based on the received transfer request, the main server system can, in some embodiments, generate and send an electronic communication to the source facility at block 2108 to transfer the requested one or more medical files to the destination facility. In certain embodiments, the electronic communication to the source medical facility can comprise the first patient identifier used by the source medical facility to identify the patient and the user identifier used by the main server system to identify the patient. In certain embodiments, the electronic communication to the source medical facility does not comprise the second patient identifier used by the destination medical facility to identify the patient. In some embodiments, the electronic communication to the source medical facility also comprises instructions to the source facility to replace the first patient identifier in the requested one or more medical files with the user identifier before transmitting the one or more medical files to the destination facility.

In some embodiments, upon receiving instructions from the main server to transfer the requested one or more medical files, a computing system of the source facility displays the transfer request to a film librarian of the source facility. In certain embodiments, the film librarian can review the request, match the patient identifier with the patient's name, locate any file(s) that satisfy the criteria, review the located file(s) for verification, locate a release form(s), approve or deny the request based one or more of the above, and/or send the approval or denial to the main server system. In some embodiments, the film librarian can perform additional functions or a subset of the functions above. In other embodiments, transfer requests are processed automatically at the source facility without a film librarian's input.

Similarly, based on the received transfer request, the main server system can in some embodiments generate and send an electronic communication to the destination facility at block 2110 to receive the requested one or more medical files from the source facility. In certain embodiments, the electronic communication to the destination medical facility can comprise the second patient identifier used by the destination medical facility to identify the patient and the user identifier used by the main server system to identify the patient. In certain embodiments, the electronic communication to the destination medical facility does not comprise the first patient identifier used by the source medical facility to identify the patient. In some embodiments, the electronic communication to the destination medical facility also comprises instructions to the destination facility to replace the user identifier in the requested one or more medical files with the second patient identifier after receiving the one or more medical files from the source facility.

In some embodiments, the source medical facility at block 2112 replaces the first patient identifier in the requested one or more medical files with the user identifier and sends the one or more medical files to the destination facility at block 2114. In some embodiments, the one or more medical files sent by the source facility to the destination facility are not clearly marked or labeled with the first patient identifier in the header and/or body portions of the one or more files.

In certain embodiments, the destination medical facility at block 2116 receives the one or more medical files from the source facility. In some embodiments, the destination facility receives the one or more medical files based on the instructions received from the main server system. In certain embodiments, the destination facility replaces the user identifier in the one or more medical files received from the source facility with the second patient identifier that is used by the destination facility to identify the patient. In some embodiments, one or more user identifiers in the header and/or body portions of the one or more medical files are replaced with the second identifier.

Authorization and Transfer of Medical Files at Hospital Check-in

When a patient visits a particular medical facility for a first time, the patient may want to transfer one or more medical files from another medical facility to save time, cost and/or to provide prior medical history, among other reasons. Accordingly, in certain embodiments it can be advantageous to authorize and/or initiate transfer of one or more medical files from a source facility upon check-in at a destination medical facility. For example, in some embodiments, a user access point system can display a unique code that can be scanned into the destination medical facility's computing system to initiate transfer of one or more medical files from a source medical facility to the destination medical facility.

FIG. 22 is a process flow diagram of an embodiment for authorizing and/or initiating transfer of one or more medical files from a source medical facility upon check-in at a destination medical facility. The process can begin at block 2202 when a patient and/or user requests transfer of one or more medical files from a source facility to a destination facility. In some embodiments, the request can be received by a user access point system.

In some embodiments, the user access point system generates and sends an electronic communication to the main server system at block 2204 based on the received request to transfer one or more files from the source facility to the destination facility. The electronic communication can comprise, for example, a list of the one or more files requested for transfer and their location(s). The one or more files can be located at more than one source medical facility in some embodiments.

In certain embodiments, the main server system generates and sends a unique code to the user access point system based on the received request at block 2206. The generated unique code can be configured to function as a reference for a list of the one or more medical files that were requested for transfer and their locations. In some embodiments, the generated unique code can be a linear barcode, a two-dimensional matrix barcode, three-dimensional barcode, QR code, or any other code or item that can be inputted into a computing system.

In some embodiments, the patient and/or user can instruct the user access point system to display the unique code received from the main server system at block 2208. When the patient and/or user goes to the destination medical facility, the patient and/or user can scan in or otherwise input the displayed unique code into one or more computing systems of the destination medical facility at block 2210. For example, the patient, user, and/or personnel at the destination medical facility can scan in the unique code displayed on the patient and/or user's user access point system using a scanner of the destination medical facility. In some embodiments, the scanner can be connected to one or more computing systems of the destination medical facility.

In certain embodiments, the client server system and/or other computing system of the destination facility generates and sends an authentication message to the main server system at block 2212 based on the inputted unique code. In some embodiments, the electronic communication sent to the main server system comprises the scanned unique code. In certain embodiments, the main server receives the scanned unique code and verifies the unique code. For example, the main server system can compare the scanned unique code to the unique code that the main server generated for the particular user and/or patient.

If the unique code is verified, the main server in some embodiments can initiate transfer of the one or more medical files from the source medical facility to the destination medical facility. For example, the main server system can generate and send an electronic communication to the source medical facility to send the requested one or more medical files to the destination medical facility. The main server system can also generate and send an electronic communication to the destination medical facility to receive the requested one or more medical files from the source medical facility.

In some embodiments, upon receiving instructions from the main server to transfer the requested one or more medical files, a computing system of the source facility displays the transfer request to a film librarian of the source facility. In certain embodiments, the film librarian can review the request, match the patient identifier with the patient's name, locate any file(s) that satisfy the criteria, review the located file(s) for verification, locate a release form(s), approve or deny the request based one or more of the above, and/or send the approval or denial to the main server system. In some embodiments, the film librarian can perform additional functions or a subset of the functions above. In other embodiments, transfer requests are processed automatically at the source facility without a film librarian's input.

In some embodiments, the source facility sends the requested one or more medical files to the destination facility at block 2216 based on the main server system's instructions. Similarly, in certain embodiments, the destination facility receives the requested one or more medical files from the source facility at block 2218 based on the main server's instructions.

Expedited Hospital Check-in

Generally, when a patient visits a particular medical facility for a first time, the patient needs to fill out a questionnaire and/or information sheet with the patient's information. Accordingly, in certain embodiments it can be advantageous to expedite this process by an automated system. FIG. 23 is a process flow diagram of an embodiment for automatically initiating transfer of patient information from a main server system to a destination medical facility upon check-in at the destination medical facility.

The process can begin at block 2302 when a patient and/or user inputs patient information into the system. In some embodiments, patient information can be inputted via a user access point system. In certain embodiments, a patient and/or user can input his or her personal information, for example, sex, age, blood type, known health conditions, and/or medical history, or the like. The user access point system itself in some embodiments can store the inputted information. Alternatively or concurrently, the user access point system can send the inputted information to the main server system at block 2304. In certain embodiments, the main server receives the inputted patient information and stores the patient information in an electronic database at block 2306.

In some embodiments, the main server system generates and sends a unique code to the user access point system at block 2308. The unique can be configured to function as a reference and/or key to the patient information stored in the main server system. In some embodiments, the unique code can be a linear barcode, a two-dimensional matrix barcode, three-dimensional barcode, QR code, or any other code or item that can be inputted into a computing system. In certain embodiments, the user access point system can be configured to display the unique code at block 2310.

In certain embodiments, the unique code that is displayed on the user access point system can be scanned in or otherwise inputted to one or more computing systems at the destination medical facility at block 2312. For example, the patient, user, and/or personnel at the destination medical facility can scan in the unique code displayed on the patient and/or user's user access point system using a scanner of the destination medical facility. In some embodiments, the scanner can be connected to one or more computing systems of the destination medical facility.

In certain embodiments, when a patient and/or user scans or otherwise inputs the unique code into the one or more computing systems of a destination medical facility, the one or more computing systems of the destination medical facility can be configured to download and/or store the patient's information. For example, upon scanning or otherwise inputting the unique code, the one or more computing systems and/or client server system of the destination medical facility can send the unique code to the main server system for verification at block 2314. For example, the main server system can compare the scanned unique code to the unique code that the main server generated for the particular user and/or patient. If verified, in some embodiments, the main server system can locate patient information related to that unique code and electronically send the information to a client server system of the destination medical facility at block 2318.

Fraud Detection

Given the ease and efficiency of transferring medical files using the systems and methods described herein, it can be important to ensure that personal medical files are not fraudulently transferred without the patient's knowledge. Accordingly, in some embodiments, it can be advantageous to implement a fraud protection scheme configured to detect non-traditional transfer requests and/or alert patients of such activity. FIG. 24 is a process flow diagram of an embodiment for detecting suspicious activity for preventing fraudulent transfer of medical file(s).

The process can begin at block 2402 when the main server receives a request to transfer one or more medical files of a patient from a source facility to a destination facility. In some embodiments, upon receiving every request, the main server can be configured to access the transfer history database to conduct a fraud detection analysis. In certain embodiments, the main server can be configured to access the transfer history database and conduct a fraud detection analysis only for a pre-determined set of patients or users. For example, the main server can be configured to conduct a fraud detection analysis only for suspicious accounts and/or high profile patients. Accounts can be flagged as suspicious if the number of transfer requests in a set period of time is or has been above a pre-determined threshold value and/or if the geographic diversity of destination facilities for past requests have been above a pre-determined threshold. Geographic diversity can refer to the location of destination facilities that previous transfer requests involved. For example, if the past ten file transfer requests were for transferring files to different destination facilities all over the country, then the distributive pattern can be a trigger for suspicious activity.

In some embodiments, once the fraud detection analysis begins, the main server determines the number of transfer requests associated with the patient's account in a set period of time at block 2406. If the number of transfer requests per time is at or above a threshold value, then the main server can be configured to lock the account at 2408 and deny any further transfer requests for that account. In some embodiments, the main server can be configured to send a confirmation message, e-mail, text message, or telephone call to the patient at block 2408 notifying the account lock and suspicious activity. The threshold value can be pre-set by the main server in some embodiments. In other embodiments, the threshold value can be customized by the patient at an earlier point in time. For example, in certain embodiments, a patient can customize the threshold value when setting up the patient's account for the first time.

If the number of transfer requests per time is below a threshold value, the main server can be configured to determine whether the geographic diversity of destination facilities for the request alone or in combination with past requests is above a threshold value at block 2410. If the geographic diversity is at or above a threshold, then the main server can be configured to lock the account at 2408 and deny any further transfer requests for that account. In some embodiments, the main server can be configured to send a confirmation message, e-mail, text message, or telephone call to the patient at block 2408 notifying the account lock and suspicious activity. The threshold value can be pre-set by the main server in some embodiments. In other embodiments, the threshold value can be customized by the patient at an earlier point in time. For example, in certain embodiments, a patient can customize the threshold value when setting up the patient's account for the first time.

In some embodiments, if the geographic diversity of destination facilities and/or number of requests per period of time are below threshold values, then the main server instructs transfer of the requested medical file(s) from a source facility to a destination facility at block 2412. The fraud protection process or one or more steps thereof can be implemented in combination with any of the systems and/or methods described herein.

Conditional language, such as, among others, “can,” “could,” “might,” or “may,” unless specifically stated otherwise, or otherwise understood within the context as used, is generally intended to convey that certain embodiments include, while other embodiments do not include, certain features, elements and/or steps. Thus, such conditional language is not generally intended to imply that features, elements and/or steps are in any way required for one or more embodiments or that one or more embodiments necessarily include logic for deciding, with or without user input or prompting, whether these features, elements and/or steps are included or are to be performed in any particular embodiment. The headings used herein are for the convenience of the reader only and are not meant to limit the scope of the inventions or claims.

Although the embodiments of the inventions have been disclosed in the context of a certain preferred embodiments and examples, it will be understood by those skilled in the art that the present inventions extend beyond the specifically disclosed embodiments to other alternative embodiments and/or uses of the inventions and obvious modifications and equivalents thereof. In addition, while a number of variations of the inventions have been shown and described in detail, other modifications, which are within the scope of the inventions, will be readily apparent to those of skill in the art based upon this disclosure. It is also contemplated that various combinations or subcombinations of the specific features and aspects of the embodiments may be made and still fall within one or more of the inventions. Accordingly, it should be understood that various features and aspects of the disclosed embodiments can be combine with or substituted for one another in order to form varying modes of the disclosed inventions. Thus, it is intended that the scope of the present inventions herein disclosed should not be limited by the particular disclosed embodiments described above. 

1. A computer-implemented method for transferring one or more medical files from a source facility to a destination facility over a computer network, the method comprising: displaying by a user access point system a list of one or more medical files associated with a user, wherein the one or more medical files are located at one or more medical facilities; receiving by the user access point system a request from the user to transfer one or more medical files from a source facility to a destination facility; scanning by the user access point system an authentication key, wherein the authentication key is generated by a client server system of the one or more medical facilities, given to the user after verifying identification of the user by the one or more medical facilities, and transmitted electronically to a main server; and transmitting electronically by the user access point system the scanned authentication key to the main server, wherein the main server is configured to compare the scanned authentication key to the authentication key received from the client server system, wherein the main server is further configured to initiate transfer of the one or more medical files from the source facility to the destination facility over the computer network based on the authentication, and wherein the user access point system comprises a computer processor and an electronic storage medium.
 2. The computer-implemented method of claim 1, wherein the authentication key is a barcode.
 3. The computer-implemented method of claim 1, wherein the authentication key is generated by the client server system of the one or more medical facilities according to an authentication key generating algorithm, wherein the authentication key generating algorithm is pre-determined by the main server.
 4. The computer-implemented method of claim 2, wherein the authentication key generating algorithm is based on a location of the one or more medical facilities and time of generating the authentication key.
 5. The computer-implemented method of claim 1, wherein the main server is further configured to verify the authentication key generated and transmitted by the client server system.
 6. The computer-implemented method of claim 1, wherein verifying identification of the user comprises verifying one or more identification documents of the user by the one or more medical facilities.
 7. The computer-implemented method of claim 1 further comprising receiving by the user access point system input from the user in response to questions configured to further confirm identification of the user, wherein the questions are pre-selected by the user.
 8. The computer-implemented method of claim 1, wherein the user access point system is a mobile device comprising a browsing module configured to present data and a user interface configured to allow user interaction with the data over the computer network.
 9. The computer-implemented method of claim 1, wherein the user access point system comprises one or more computer systems.
 10. A computer-implemented method for transferring one or more medical files from a source facility to a destination facility over a computer network, the method comprising: receiving by a main server a request from a user access point system to transfer one or more medical files from the source facility to the destination facility, wherein the request comprises a first patient identifier and a second patient identifier, wherein the first patient identifier is used by the source facility to identify the user and the second patient identifier is used by the destination facility to identify the user; determining by the main server a user identifier associated with the user based on the received request, wherein the user identifier is used by the main server to identify the user; transmitting electronically by the main server a first electronic communication to the source facility to transfer the one or more medical files to the destination facility, wherein the first electronic communication comprises the first patient identifier and the user identifier, wherein the source facility is configured to replace the first patient identifier with the user identifier in the one or more medical files and transfer the one or more medical files to the destination facility based on the first electronic communication; transmitting electronically by the main server a second electronic communication to the destination facility to receive the one or more medical files from the source facility, wherein the second electronic communication comprises the second patient identifier and the user identifier, wherein the destination facility is configured to receive the one or more medical files from the source facility and replace the user identifier with the second patient identifier in the one or more medical files based on the first electronic communication; wherein the user access point system comprises a computer processor and an electronic storage medium.
 11. The computer-implemented method of claim 10, wherein the one or more medical files comprise all medical files that are associated with the first patient identifier.
 12. The computer-implemented method of claim 10, wherein the user identifier is different from the first patient identifier and the second patient identifier.
 13. The computer-implemented method of claim 10, wherein the main server comprises one or more computer systems.
 14. The computer-implemented method of claim 10, wherein the source facility is configured to replace only the first identifier in a header portion of the one or more medical files with the user identifier.
 15. A computer-implemented method for transferring one or more medical files from a source facility to a destination facility over a computer network, the method comprising: receiving by a user access point system a request from a user to transfer one or more medical files from the source facility to the destination facility; generating by the user access point system an electronic communication based on the request and transmitting the electronic communication to a main server, wherein the main server is configured to generate a unique code based on the request; receiving by the user access point system the unique code from the main server; displaying by the user access point system the unique code, wherein scanning the unique code at the destination facility initiates generation of an authentication message to the main server, wherein the main server is further configured to initiate the transfer of the one or more medical files from the source facility to the destination facility based on the authentication message, wherein the user access point system comprises a computer processor and an electronic storage medium.
 16. The method of claim 12, wherein the unique code is a barcode.
 17. The method of claim 12, wherein the user access point system comprises one or more computer systems.
 18. The method of claim 12, wherein the authentication message comprises the unique code.
 19. The method of claim 12, wherein the main server is further configured to verify the unique code received from the user access point system by comparing with the unique code the main server generated.
 20. The method of claim 12, wherein scanning the unique code at the destination facility further initiates downloading by one or more computer systems of the destination facility patient information related to the health of the user from the main server. 